Lessons From AI Hacking: Every Model, Every Layer Is Risky
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
After two years of finding flaws in AI infrastructure, two Wiz researchers advise security pros to worry less about prompt injection and more about vulnerabilities.
Security researchers exploited dozens of vulnerabilities in vehicle infotainment systems and EV chargers during the latest Pwn2Own contest at Automotive World 2026.
While investigating the cyberattacks, researchers uncovered a new spyware product from Memento Labs, the successor to the infamous Hacking Team.
Though the groups have shared their decision to go dark, threat researchers say there are signs that it's business as usual.
A string of threat-actor OpSec failures have yielded unexpected windfalls for security researchers and defenders.
Sysdig researchers detailed an ongoing campaign from China-backed threat actor UNC5174, which is using open source hacking tools to stay under the radar.
Weeks after the critical vulnerability was reported and a hacking of the Treasury Department, nearly 9,000 BeyondTrust instances remain wide open to the Internet, researchers say.
Researchers demonstrate how to hack Ruijie Reyee access points without Wi-Fi credentials or even physical access to the device.
Researchers uncover a way to hack the summer cookout — but firmware updates will stop that grilled meat (or tofu) from turning into an inedible mess.
With the requirement that all vulnerabilities first get reported to the Chinese government, once-private vulnerability research has become a goldmine for China's offensive cybersecurity programs.
Microsoft researchers discover an old-timey scam with a facelift for the cloud era: hacking retailers' portals to make it rain gift cards.
Zero Day Initiative awarded a total of $732,000 to researchers who found 19 unique cybersecurity vulnerabilities during the first day of Pwn2Own.
Researchers tested their theory on nine chargers, each different and available to consumers, and found them all vulnerable to their attacks.
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
Weapons systems data, AI research, and other classified information may be up for sale, not to mention access to other government agencies.
If not correctly locked down, Jupyter Notebook offers a novel initial access vector that hackers can use to compromise enterprise cloud environments, as seen in a recent hacking incident.
Since launching in 2019, the Security Device Research Program has discovered 130 critical vulnerabilities; applications are now open for Apple's 2024 iteration.
The new Security Legal Research Fund and Hacking Policy Council are aimed at protecting "good faith" security researchers from legal threats and giving them a voice in policy discussions.
Learning how to break the latest AI models is important, but security researchers should also question whether there are enough guardrails to prevent the technology's misuse.
In two days, ethical researchers from 10 countries have unearthed more than 22 zero-day bugs in a wide range of technologies at the annual hacking contest.