Security news aggregator

Latest cybersecurity reporting from selected sources.

Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.

8 headlines in this view

Refine the feed

Search across headline titles and summaries.

Volume over time

Weekly headline count for the current query.

Showing 8 most recent headlines Filtered view

3 Major Tech Firms Shipped Vulnerable Open-Source Tools to Hugging FaceResearchers discovered remote code execution vulnerabilities in three AI libraries from Apple, Salesforce and Nvidia used by models with tens of millions of Hugging Face downloads, allowing attackers to hide malicious code in model metadata.

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded.…

Oligo Security has warned of ongoing attacks exploiting a two-year-old security flaw in the Ray open-source artificial intelligence (AI) framework to turn infected clusters with NVIDIA GPUs into a self-replicating cryptocurrency mining botnet

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang

Bank Info Security 11 months, 1 week ago

Nvidia Patches Trio of Triton Vulnerabilities

Chip Manufacturer Shore Up Loose Server EndsArtificial chip maker giant Nvidia published patches for its open-source platform allowing users to run models at scale after researchers found hackers could gain complete control of the underlying server - allowing them to steal the models, manipulate its responses and steal data.

A newly disclosed set of security flaws in NVIDIA's Triton Inference Server for Windows and Linux, an open-source platform for running artificial intelligence (AI) models at scale, could be exploited to take over susceptible servers

Bank Info Security 1 year, 5 months ago

ISMG Editors: DeepSeek's AI Disruption and Security Risks

Also: UnitedHealth Breach Now Affects Over Half of US PopulationIn this week's update, ISMG editors discussed two major stories shaking the tech and cybersecurity worlds - China's AI leap with DeepSeek, a new open-source bot that wiped $600 billion off of Nvidia's value, and an update on the massive UnitedHealth breach, which now affects 190 million people.