Category: Shorts

Remote Code Execution in vm2 JavaScript Library Remote Code Execution in vm2 The vm2 JavaScript library has released two new versions, 3.9.16 and 3.9.17, to address two critical vulnerabilities, CVE-2023-29199 and CVE-2023-30547, rated 9.8 out of 10 on the CVSS scoring system. These flaws can be exploited to bypass sandbox protections and gain remote code…

Iranian Hackers Targeting U.S. Energy and Transit Systems Mint Sandstorm is a government-backed Iranian threat actor linked to attacks on U.S. critical infrastructure from late 2021 to mid-2022. The targeted entities include seaports, energy companies, transit systems and a major gas company. The attacks are suspected to be retaliatory and in response to previous attacks…

Cyber espionage group Blind Eagle uncovered a new attack chain Blind Eagle, a suspected Spanish-speaking cyber espionage group, has been linked to a new attack chain leading to the deployment of the NjRAT remote access trojan. This attack chain involves the use of spear-phishing lures to deliver malware, a JavaScript downloader to execute a PowerShell…

Meta Cuts Technical Roles in Latest Layoffs Meta has begun its latest round of layoffs, which affects employees in technical roles. It is estimated that 4,000 people will be laid off, and posts from people laid off in various roles can be seen on LinkedIn. This is in addition to the 11,000 people Meta has…

Google employees label AI chatbot ‘Bard’ as worse than useless and a pathological Google employees have criticized the company’s chatbot Bard, citing it as a pathological liar and worse than useless. Despite the risk evaluations submitted by an internal safety team, Google opened up early access to the bot in March. This illustrates how Google…

Goldoson Android Malware Infects Over 100 Million Android Devices Malware strain Goldoson has been found in over 60 apps on the Google Play Store, with a combined 100 million downloads. An additional 8 million downloads were tracked from a third-party app store in South Korea. The malicious library is capable of gathering information about installed…

YouTube Videos Distributing Malware via Highly Evasive Loader Cybersecurity researchers have uncovered a new malware loader, in2al5d p3in4er, which is used to deliver the Aurora information stealer malware. The malicious software is distributed through YouTube videos and fake cracked software download websites. The loader is designed to evade detection by querying the vendor ID of…

Leveraging Mobile Phone Data with Machine Learning to Target and Fight Poverty Researchers from UC Berkeley and the World Bank have developed a machine learning model using non-traditional administrative data (such as call detail records) to accurately target ultra-poor households for government anti-poverty programs in low to medium-income countries. The model was found to have…

Some Glimpse of AGI in ChatGPT. Others Call It a Mirage Microsoft researchers have recently made claims that their new AI system, GPT-4, may be exhibiting sparks of artificial general intelligence. GPT-4 is a powerful text generation algorithm that is capable of creating scientific diagrams, writing poetry and prose, and solving coding problems. Although it…

Meta Launches Horizon Worlds social VR Meta is launching their Horizon Worlds social VR platform to teens in the US and Canada in the coming weeks. To ensure a safer experience, Meta has implemented features such as private profiles, voice mode to turn voices of people you don’t know into “quiet, friendly sounds”, and expanded…