Tens of thousands of IPs vulnerable to Fortinet flaw dubbed 'must patch' by feds
Around 87,000 IPs are likely susceptible to a Fortinet vulnerability that the Cybersecurity and Infrastructure Security Agency put on its "must patch" list last week because attackers are actively exploiting it, according to data from the nonprofit Shadowserver Foundation. The number was at 87,930 on Saturday before dropping slightly to 86,602 on Sunday. CISA placed the critical remote code execution vulnerability on its Known Exploited Vulnerability list. READ MORE...
Pokémon Gaming Company Employee Info Leaked in Hack
Game Freak, the company behind the Pokémon franchise, is dealing with a security breach that has compromised the data of more than 2,600 employees and partners. The data leak first came to light on a forum known as 4chan earlier this month before it began circulating on social media and other online forums. Coined "TeraLeak," the breach contains multiple gigabytes of information according to Centro Leaks, a Pokémon leak monitoring account. READ MORE...
US healthcare org admits up to 400,000 people's personal info was snatched
A Houston-based services provider to healthcare organizations says a crook may have grabbed up to 400,000 people's information after the miscreant accessed the systems of one of its customers. Gryphon Healthcare, which provides revenue cycle and management services, said patients' names, dates of birth, addresses, and Social Security numbers were all potentially accessed by a malicious attacker. READ MORE...
Cisco investigates breach after stolen data for sale on hacking forum
Cisco has confirmed to BleepingComputer that it is investigating recent claims that it suffered a breach after a threat actor began selling allegedly stolen data on a hacking forum. "Cisco is aware of reports that an actor is alleging to have gained access to certain Cisco-related files," a Cisco spokesperson told BleepingComputer. "We have launched an investigation to assess this claim, and our investigation is ongoing." READ MORE...
Splunk Enterprise Update Patches Remote Code Execution Vulnerabilities
Splunk on Monday announced fixes for 11 vulnerabilities in Splunk Enterprise, two of which are high-severity bugs leading to remote code execution on Windows systems. The most severe of the flaws is CVE-2024-45733 (CVSS score of 8.8), an insecure session storage configuration issue that could allow a user without 'admin' or 'power' Splunk roles to execute code remotely. According to Splunk, only instances running on Windows machines are affected by this vulnerability. READ MORE...
Invisible text that AI chatbots understand and humans can't? Yep, it's a thing.
What if there was a way to sneak malicious instructions into Claude, Copilot, or other top-name AI chatbots and get confidential data out of them by using characters large language models can recognize and their human users can't? As it turns out, there was-and in some cases still is. The invisible characters, the result of a quirk in the Unicode text encoding standard, create an ideal covert channel that can make it easier for attackers to conceal malicious payloads fed into an LLM. READ MORE...
Apple study exposes deep cracks in LLMs' "reasoning" capabilities
For a while now, companies like OpenAI and Google have been touting advanced "reasoning" capabilities as the next big step in their latest artificial intelligence models. Now, though, a new study from six Apple engineers shows that the mathematical "reasoning" displayed by advanced large language models can be extremely brittle and unreliable in the face of seemingly trivial changes to common benchmark problems. READ MORE...
Robot vacuum cleaners hacked to spy on, insult owners
Multiple robot vacuum cleaners in the US were hacked to yell obscenities and insults through the onboard speakers. ABC news was able to confirm reports of this hack in robot vacuum cleaners of the type Ecovacs Deebot X2, which are manufactured in China. Ecovacs is considered the leading service robotics brand, and is a market leader in robot vacuums. One of the victims, Minnesota lawyer Daniel Swenson, said he heard sound snippets that seemed similar to a voice coming from his vacuum cleaner. READ MORE...
- ...in 1878, Thomas A. Edison founds the Edison Electric Light Co.
- ...in 1938, musician and activist Fela Kuti, who helped popularize Pan-African music and the Afrobeat genre, is born in Abeokuta, Nigeria.
- ...in 1969, rallies against the war in Vietnam draw over 2 million demonstrators across the US, a quarter million of them in the nation's capital.
- ...in 2003, China launches its first manned space mission, Shenzhou 5.
