Security news aggregator

Latest coverage for Machine Learning

Machine learning supports malware detection and threat analysis, but attackers can also exploit biased data, model weaknesses, or poisoned training.

3 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Machine learning is a way to build software that learns patterns from data and uses them to classify, predict, or make decisions, rather than relying solely on hand-written rules. Models may support malware and phishing detection, user- or entity-behavior analysis, vulnerability prioritization, and automated security triage. Their outputs are probabilistic, so unusual activity can be missed or incorrectly flagged; changing normal behavior can also cause model drift and reduce accuracy.

Security teams must protect both the model and its training data. An attacker may manipulate training examples (data poisoning), craft inputs designed to evade detection (adversarial examples), or extract sensitive information from a model or its data. Controls include trusted data provenance, access restrictions, testing against realistic evasive inputs, monitoring for drift, and human review of high-impact decisions. Where models process personal, proprietary, or security telemetry, collection, retention, and reuse require appropriate privacy and governance controls.

Showing 3 most recent headlines Filtered view

GitHub projects have been targeted with malicious commits and pull requests, in an attempt to inject backdoors into these projects. Most recently, the GitHub repository of Exo Labs, an AI and machine learning startup, was targeted in the attack, which has left many wondering about the attacker's true intentions. [...]

Cybersecurity researchers have disclosed two security flaws in Google's Vertex machine learning (ML) platform that, if successfully exploited, could allow malicious actors to escalate privileges and exfiltrate models from the cloud