JadePuffer: The First Complete LLM-Driven Ransomware Attack
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
Stay informed on database security trends, breaches, and best practices in information security with our comprehensive news and updates.
Search across headline titles and summaries.
Background for this topic.
Databases store and organize data electronically, enabling efficient retrieval and management. They often hold sensitive information such as user credentials, financial records, or personal details, making them prime targets for attackers. Common database types include relational databases using structured query language (SQL) and NoSQL databases designed for unstructured data.
Security risks include SQL injection attacks that exploit improper input handling to manipulate or extract data, and misconfigured access controls that allow unauthorized users to view or alter information. Protecting databases involves strict authentication, role-based access controls, encryption of data at rest and in transit, and timely application of security patches to database software. Monitoring query logs and access patterns helps detect suspicious activity that could indicate compromise or insider threats.
Weekly headline count for the current query.
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
The CI/CD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, and Python Software Foundation's Black.
Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code execution, and data theft.
Organizations disclose attack details, though information may be limited. What if they did the same with close calls?
StrongDM, which injects ephemeral, real-time credentials into developer workflows, will enable Delinea to offer privilege access management across cloud, SaaS, Kubernetes, and database environments.
How MITRE has mismanaged the world's vulnerability database for decades and wasted millions along the way.
The EU cyber agency ENISA has launched its vulnerability database, the EUVD; security experts shared their thoughts regarding what this means for CVEs, as well as the larger conversation around how bugs are tracked.
Despite all MITRE has done for cybersecurity, it is clear we should not wait 11 months to discuss the future of the CVE database. It's simply too important for that.
The database company said its Oracle Cloud Infrastructure (OCI) was not involved in the breach. And at least one law firm seeking damages is already on the case.
The changes will go into effect over the next several days to reflect which CVEs are being prioritized in the National Vulnerability Database (NVD).
The Hellcat ransomware group has stolen roughly 5,000 documents, potentially containing confidential information, from the telecom giant's internal database.
A research tool by the company found a vulnerability in the SQLite open source database, demonstrating the "defensive potential" for using LLMs to find vulnerabilities in applications before they're publicly released.
In a vengeful move against the happiest place on Earth, the former employee allegedly used his old credentials to make potentially deadly changes.
The AI Incident Reporting and Security Enhancement Act would allow NIST to create a process for reporting and tracking vulnerabilities found in AI systems.
So far, the threat actor has compromised at least five organizations using CVE-2024-39717; CISA has added bug to its Known Exploited Vulnerability database.
Despite getting help, NIST is not keeping up with new vulnerability reports for the National Vulnerabilities Database, according to an analysis from Fortress Information Security.
Graph and streaming databases are helping defenders deal with complex, real-time threat and cybersecurity data to find weak points before attackers.
Since its inception, three key factors have affected the NVD's ability to classify security concerns — and what we're experiencing now is the result.
A China-linked threat actor had access to a router configuration database that could have completely disrupted coverage, a security vendor says.