Amateur observers spot suspicious trades on the crypto-based betting platform.
Tag: spot
AI, Global Security News, privacy
Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads
A malicious Hugging Face repository managed to take a spot in the platform’s trending list by impersonating OpenAI’s Privacy Filter open-weight model to deliver a Rust-based information stealer to Windows users. The project, named Open-OSS/privacy-filter, masqueraded as its legitimate counterpart, released by OpenAI late last month (openai/privacy-filter), including copying the entire
AI, Global Security News
Sam Altman’s Side Hustles Blur the Line Between OpenAI’s Interests and His Own
Ahead of a planned IPO, Altman’s personal investments remain opaque, making it hard to spot any conflicts.
AI, Cybersecurity, Global Security News, Network Security
Vertex AI Vulnerability Exposes Google Cloud Data and Private Artifacts
Cybersecurity researchers have disclosed a security “blind spot” in Google Cloud’s Vertex AI platform that could allow artificial intelligence (AI) agents to be weaponized by an attacker to gain unauthorized access to sensitive data and compromise an organization’s cloud environment. According to Palo Alto Networks Unit 42, the issue relates to how the Vertex AI…
AI, Data Breaches, Global Security News
Weekly Update 497
Day by day, I find we’re eeking more goodness out of OpenClaw and finding the sweet spot between what the humans do well and the agent can run off and do on its own. Significantly, we’re shifting more and more of the workload to the latter as all 3 of us at HIBP HQ get…
Global Security News
How a Large Bank Uses AI Digital Twins for Threat Hunting
JPMorgan Chase uses digital fingerprints and digital twins to spot online attackers and malicious behaviors while also reducing pesky false alerts.
AI, Apps, Compliance, Cybersecurity, Endpoint, Global Security News, malware, Network Security, Risk Management
MicroStealer Analysis: A Fast-Spreading Infostealer with Limited Detection
Security teams depend on early signals to spot and contain new threats. But what happens when a fully capable infostealer spreads while traditional detections stay limited? In recent investigations, ANY.RUN researchers observed MicroStealer in 40+ sandbox sessions in less than a month, despite low public visibility. Early activity points to distribution through compromised or impersonated accounts,…
AI, Global Security News
Interview with Tom Howe of Hydrolix: AI Bots, the Friends, Foes, and Frenemies of Online Shopping
Hydrolix expert Tom Howe explains how AI bots impact ecommerce, how to spot good vs malicious bots, and why blocking them can hurt sales.
AI, Global Security News
‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users
A blind spot in Microsoft’s app and add-in marketplace security allowed an eagle-eyed hacker to hijack an abandoned Outlook add-in to carry out phishing attacks that compromised 4,000 users, researchers have discovered. The app in question, AgreeTo, is, or was, a meeting scheduling tool that first appeared in 2022 but was abandoned at some point…
AI, Global Security News
‘Dead’ Outlook add-in hijacked to phish 4,000 Microsoft Office Store users
A blind spot in Microsoft’s app and add-in marketplace security allowed an eagle-eyed hacker to hijack an abandoned Outlook add-in to carry out phishing attacks that compromised 4,000 users, researchers have discovered. The app in question, AgreeTo, is, or was, a meeting scheduling tool that first appeared in 2022 but was abandoned at some point…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…
AI, API security, Data Breaches, Endpoint, Exploits, Global Security News, Network Security, Risk Management
Attackers Don’t Need to Breach Your API -They’ll Breach the Tools That Touch It
The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact. What Happened During…