Information Security News Blog

GPT-4: AI Model Turned Exploit Expert

Researchers from the University of Illinois at Urbana-Champaign recently published a study demonstrating that OpenAI’s artificial intelligence model, GPT-4, is capable of independently exploiting vulnerabilities in real systems once it receives detailed descriptions of...

Discord Messages for Sale: Spy Pet Raises Alarms

A service called Spy Pet has raised alarms among Discord users by offering archival and activity tracking services on the platform for a nominal fee of $5. Spy Pet enables third parties, potentially including...

SoumniBot: Android Malware with Evasive Tactics

A new type of banking malware for Android, named “SoumniBot,” employs an unconventional obfuscation method that leverages vulnerabilities in the process of extracting and analyzing the Android manifest. This allows it to circumvent standard...

Warning: Infected Documents Target Ukraine

Since 2015, certain Ukrainian government networks have remained infected with a malicious program known as OfflRouter. Researchers from Cisco Talos have analyzed over 100 infected documents, which enabled them to identify the virus’s ongoing...

Critical TP-Link Flaw Under Attack: Update Now

Fortinet reports that malicious actors continue to exploit a year-old vulnerability in TP-Link routers, incorporating them into various botnets for conducting DDoS attacks. The command injection vulnerability, CVE-2023-1389 (CVSS score: 8.8), was identified at...

CVE-2024-31497: PuTTY Exploit Endangers Data

The developers of PuTTY are issuing a warning about a critical vulnerability affecting versions 0.68 to 0.80, which could potentially allow an attacker to completely reconstruct private NIST-P521 keys. The vulnerability, identified as CVE-2024-31497,...