Tag: security
Experts warn Google Gemini could be an easy target for hackers everywhere
Google Gemini can be tricked to disclose system prompts, generate malicious content, and even mount indirect injection attacks, experts have warned. A new report from cybersecurity researchers HiddenLayer claims the flaws could be abused on Gemini Advanced, integrated with Google Workspace, or the Gemini API. System prompts are instructions that…
Read More
Watch out — these malicious PyPl packages could drain your wallet, and they’ve already been downloaded thousands of times
Be careful when downloading Python packages from PyPI – researchers have found some are malicious and looking to steal your cryptocurrency haul. Cybersecurity researchers from ReversingLabs recently discovered seven such packages, whose goal is to steal BIP39 mnemonic phrases from its victims. A cryptocurrency wallet is secured in two ways:…
Read More
Millions of secrets and auth keys were leaked on GitHub last year
Millions of secrets and authentication keys were leaked on GitHub in 2023, with the majority of developers not caring to revoke them even after being notified of the mishap, new research has claimed. A report from GitGuardian, a project that helps developers secure their software development with automated secrets detection…
Read More
Tor has a new HTTPS-esque feature to help beat censorship
The Tor Project has released a new bridge called WebTunnel, aimed at those trying to access the internet in regions with heavy censorship. In its blog post, the organization says, “the development of different types of bridges are crucial for making Tor more resilient against censorship and stay ahead of…
Read More
Stanford University says data of thousands was stolen in ransomware attack
The ransomware attack against Stanford University in 2023 resulted in 27,000 people having their sensitive information stolen, it has confirmed in an update on its website as well as via a filing with the Office of the Maine Attorney General. In the update, the education organization said that threat actors…
Read More
Microsoft just patched a whole load of important security flaws, including two critical issues – so update now
The March 2024 edition of Microsoft’s Patch Tuesday is upon us, fixing dozens of vulnerabilities, including two critical severity issues which could result in remote code execution (RCE) and privilege escalation. In its advisory, Microsoft announced addressing 61 CVEs, in addition to 17 Edge flaws fixed a few weeks prior.…
Read More