AI 资讯
The US government’s Anthropic models ban was never about an AI jailbreak
The Trump administration's decision that forced Anthropic to pull its latest cybersecurity models could be reactionary, retaliatory, or both, but the message is clear: The AI industry isn't immune from U.S. government interference.
AI 资讯
PyPI Supply Chain, OWASP LLM Top 10, & eBPF Cloud-Native Security
PyPI Supply Chain, OWASP LLM Top 10, & eBPF Cloud-Native Security Today's Highlights Today's security highlights include a critical new malicious PyPI package targeting developers, a comprehensive guide to the OWASP Top 10 vulnerabilities for LLM applications, and practical insights into leveraging eBPF for advanced cloud-native security monitoring. New Malicious PyPI Package 'ColorLib' Targets Developers with Info-Stealing Malware (The Hacker News) Source: https://thehackernews.com/2026/06/new-malicious-pypi-package-colorlib.html This story details the discovery of a malicious package named 'ColorLib' uploaded to the Python Package Index (PyPI). The package is designed to act as info-stealing malware, specifically targeting developers who might inadvertently incorporate it into their projects. Upon execution, the malware attempts to exfiltrate sensitive data, such as environment variables, cryptocurrency wallet details, and various credentials, from the compromised system. This incident underscores the ongoing threat of software supply chain attacks, where attackers inject malicious code into commonly used open-source repositories. Developers relying on public package managers like PyPI must exercise extreme caution and implement robust security practices, including vetting packages, using dependency scanners, and maintaining a principle of least privilege. The rapid proliferation of such attacks necessitates constant vigilance and proactive security measures to prevent widespread compromise. Comment: Developers should immediately check their requirements.txt and pip freeze output for 'colorlib' and ensure all dependencies are from trusted sources, as these attacks are increasingly common. Exploring the OWASP Top 10 for LLM Applications (The Hacker News) Source: https://thehackernews.com/2026/06/exploring-owasp-top-10-for-llm.html The Open Worldwide Application Security Project (OWASP) has released its highly anticipated Top 10 list specifically tailored for Large
AI 资讯
LiteLLM Vulnerability Chain Enables Full AI Gateway Takeover from Default Account
TL;DR what: Three chained vulnerabilities in LiteLLM AI gateway allow default low-privilege users to bypass authorization, escalate to admin, and execute arbitrary code on the server. impact: Full compromise exposes every provider API key (OpenAI, Anthropic, Azure, etc.), database credentials, decryption secrets, and all prompts and responses passing through the gateway. fix: Upgrade immediately to LiteLLM v1.83.14-stable or later, which includes complete fixes for CVE-2026-47101, CVE-2026-47102, and CVE-2026-40217. who: Any organization running LiteLLM proxy to broker AI model access, especially those with internal users or agents routing through the gateway. A critical vulnerability chain in LiteLLM, a widely deployed open-source AI gateway, allows attackers starting from a default low-privilege account to achieve full server takeover and code execution. Obsidian Security researchers disclosed the three-bug chain rated CVSS 9.9, with maintainer BerriAI shipping complete fixes in version 1.83.14-stable on May 2, 2026. LiteLLM brokers API calls to more than 100 AI model providers—OpenAI, Anthropic, Google Gemini, AWS Bedrock, Azure OpenAI, and others—behind a single OpenAI-compatible interface. Organizations deploy it as a central gateway to manage costs, enforce policies, and route requests across multiple backends. That centralized position makes it a high-value target: a compromised proxy exposes every provider key it holds, the secrets that decrypt stored credentials, and every prompt and response flowing through it. The Three-Link Chain The attack begins with CVE-2026-47101, an authorization bypass. When a regular internal_user creates a virtual API key, LiteLLM stores the caller-supplied allowed_routes field without validating it against the user's role. This field is intended to restrict what the key can access, but the proxy also treats it as a fallback authorization grant. An attacker can mint a key with allowed_routes: ["/*"], a wildcard that opens every r
AI 资讯
Could UBID and UDC Solve the Biggest Problem Facing Advanced AI?
As AI systems become more powerful, the conversation is shifting. The biggest challenge is no longer whether AI can write code, solve problems, or accelerate scientific discovery. The real question is: How do we safely govern systems that may eventually become more capable than the institutions built to regulate them? This is where my research on Universal Biometric Identification (UBID) and Universal Digital Credits (UDC) becomes interesting. The Problem Modern AI systems operate in a world where identity is increasingly difficult to verify. A powerful AI model can be accessed through: Anonymous accounts Disposable email addresses VPNs Automated bot networks Fake identities As AI capabilities increase, this creates a growing governance challenge. If a future AI system could discover software vulnerabilities, design advanced technologies, or perform high-impact research, how would organizations determine who should have access? Today, they largely cannot. The internet was designed around connectivity, not verified human identity. What Is UBID? In my paper, I propose Universal Biometric Identification (UBID), a framework where every person receives a globally unique identity based on multiple biometric factors such as: Fingerprints Facial recognition Iris patterns Voice recognition Behavioral characteristics These biometric signals are combined with cryptographic security and distributed ledger technologies to create a secure digital identity framework. The goal is not surveillance. The goal is to create a trusted proof-of-personhood system. A system capable of answering a simple question: Is this a real, verified human? What Is UDC? Universal Digital Credits (UDC) extend this identity layer into a global transaction framework. Instead of relying entirely on traditional banking systems, transactions can be linked directly to verified digital identities. This creates: Reduced fraud Better accountability Financial inclusion Transparent transaction records Global access
AI 资讯
AI Provenance Risks, Honda Key Fob Vuln, & Rust Miri FFI Safety
AI Provenance Risks, Honda Key Fob Vuln, & Rust Miri FFI Safety Today's Highlights This week, we examine critical security insights across diverse domains, including the integrity of "homegrown" AI models, a practical key fob vulnerability impacting Honda vehicles, and advanced defensive techniques for ensuring memory safety in Rust applications via Miri. These stories highlight the ongoing need for vigilance in supply chain trust, physical system hardening, and robust software development practices. Honda Civics and the Evil Valet (Hacker News) Source: https://juniperspring.org/posts/honda-evil-valet/ This report uncovers a significant security vulnerability present in various Honda Civic models related to their key fob and "valet mode" system. The core issue lies in the design allowing a valet, given temporary access to a vehicle, to exploit the key fob's functionality to generate a permanent copy of the car's virtual key. By initiating a specific sequence while the original key fob is within range, an unauthorized party can essentially "clone" access to the vehicle, bypassing typical security measures. This creates a persistent risk, as the valet or any malicious actor who gains temporary possession of the key fob could retain unauthorized access to the car indefinitely, even after returning the original key. The vulnerability underscores the importance of a well-defined privilege model even in physical systems, where a "valet" should only have limited, temporary access. For owners, this raises concerns about trusting their vehicles to third parties, highlighting a gap in the security architecture that could lead to vehicle theft or unauthorized usage. This practical vulnerability serves as a stark reminder that security extends beyond digital perimeters into the physical realm of everyday objects. Comment: This real-world flaw demonstrates how critical it is to evaluate trust boundaries in all systems, physical or digital. Understanding the potential for privile
AI 资讯
Arch Linux Supply Chain Malware, repo-slopscore & AI Model Security Concerns
Arch Linux Supply Chain Malware, repo-slopscore & AI Model Security Concerns Today's Highlights This week highlights a significant supply chain attack on Arch Linux, affecting over 1,500 packages. We also cover a new open-source tool, repo-slopscore, for detecting AI-generated code, and the implications of the US government's directive to suspend access to Anthropic's Fable 5 and Mythos 5 models. Arch Linux Now Believes Malware Incident Under Control: More Than 1,500 Packages (Hacker News) Source: https://www.phoronix.com/news/Arch-Linux-AUR-More-Than-1500 This report details a substantial malware incident impacting the Arch Linux ecosystem, specifically targeting over 1,500 packages within the Arch User Repository (AUR). This compromise represents a significant supply chain attack, demonstrating how malicious code can infiltrate and propagate through widely trusted open-source distribution channels. While the specifics of the exploit vectors and the full extent of the malware payload are still being investigated and disclosed, the sheer scale of affected packages underscores a critical vulnerability in the software supply chain, where the integrity of upstream components directly impacts the security of downstream users. Such large-scale incidents necessitate a robust re-evaluation of verification processes for third-party contributions and proactive, continuous monitoring within community-driven repositories. For Arch Linux users, this incident serves as a stark reminder of the importance of verifying the integrity of their installed packages, utilizing tools for signature validation, and being vigilant about suspicious activity or unexpected package behavior. The event emphasizes that even meticulously maintained distributions are not immune to sophisticated supply chain compromises, reinforcing the need for multi-layered security strategies, including stringent repository governance, automated vulnerability scanning, and enhanced user-side integrity checks to mi
AI 资讯
The FBI built its own replica small town to simulate real-world cyberattacks
Hidden inside a building in Alabama, the FBI has created its own small town as a dedicated cyber training ground for simulating cyberattacks.
AI 资讯
AI Agent Security, Malware Evasion, & LLM Data Leakage Risks
AI Agent Security, Malware Evasion, & LLM Data Leakage Risks Today's Highlights Today's highlights cover crucial security challenges, from sophisticated malware evasion tactics confusing analysis tools to the inherent risks of autonomous AI agents causing financial damage. We also delve into the critical data security implications of interacting with large language models, emphasizing the need for robust data governance and user education. Malware developers added nuclear and biological weapons text to to their spyware (Hacker News) Source: https://twitter.com/jsrailton/status/2064661778978533571 This report highlights a concerning tactic employed by malware developers to evade detection and analysis. By embedding seemingly innocuous, yet contextually irrelevant, strings such as "nuclear and biological weapons" text within their spyware's code or data, threat actors aim to mislead security researchers and automated analysis tools. This technique, often referred to as 'camouflage' or 'noise injection,' complicates the process of signature-based detection and behavioral analysis by adding irrelevant data that can confuse pattern matching algorithms or human analysts investigating suspicious binaries. It leverages the expectation that malicious code should contain only code related to its function, subverting this by introducing data that might trigger false positives or simply overwhelm analysis efforts. This tactic necessitates more sophisticated defensive techniques, moving beyond simple string searches or basic heuristic analysis. Organizations must enhance their sandboxing capabilities, employ advanced machine learning-driven anomaly detection, and focus on dynamic analysis that observes the actual behavior of the malware rather than relying solely on static analysis. Understanding such obfuscation and evasion tactics is crucial for developing robust threat intelligence and improving the resilience of endpoint detection and response (EDR) systems against evolving
AI 资讯
Chinese cybercrime operation that used AI to scam ‘hundreds of thousands of victims’ sued by Google
The tech giant said a group called "Outsider Enterprise" used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks.
AI 资讯
Congress lets decades-old spying law lapse amid Trump's controversial DNI nomination
Congress, afraid of empowering Bill Pulte, has allowed a decades-old spying law to lapse.
AI 资讯
Um resumo sobre o padrão de segurança HMAC
Definição O HMAC (Hash-based Message Authentication Code) é um mecanismo de segurança que permite verificar a integridade e autenticidade de uma mensagem, garantindo que ela não foi alterada e que foi gerada por quem possui uma chave secreta. Ele é muito usado em autenticação de APIs, tokens e assinaturas digitais. Analogia Imagine que você envia uma carta dentro de um envelope lacrado com um selo exclusivo que só você e o destinatário conhecem a forma de produzir. Se alguém abrir a carta e alterar qualquer palavra, o selo não vai mais bater com o original. O HMAC funciona exatamente assim: ele “lacra” os dados com uma assinatura impossível de reproduzir sem a chave secreta. Exemplo sem HMAC (inseguro) $payload = [ 'user' => 'joao' , 'exp' => time () + 300 ]; // token simples sem proteção $token = base64_encode ( json_encode ( $payload )); Problema Qualquer pessoa pode: decodificar o token alterar exp reencodar e enganar o sistema Exemplo com HMAC (seguro) $payload = [ 'user' => 'joao' , 'exp' => time () + 300 ]; $secret = 'chave_super_secreta' ; $signature = hash_hmac ( 'sha256' , json_encode ( $payload [ 'user' ]) . '|' . $payload [ 'exp' ], $secret ); $payload [ 'sig' ] = $signature ; $token = base64_encode ( json_encode ( $payload )); Validação do lado do servidor $payload = json_decode ( base64_decode ( $_GET [ 'token' ]), true ); $check = hash_hmac ( 'sha256' , json_encode ( $payload [ 'user' ]) . '|' . $payload [ 'exp' ], $secret ); if ( ! hash_equals ( $check , $payload [ 'sig' ])) { die ( "Token inválido" ); }
AI 资讯
Google sues alleged Chinese cybercrime operation that used AI to send scam texts
The tech giant said a group called "Outsider Enterprise" used AI to scam hundreds of thousands of victims, sending 2.5 million text messages over a span of two weeks.
AI 资讯
AMD RCE Ignored, GitHub Boosts Secret Scanning with LLMs, AUR Supply Chain Attack
AMD RCE Ignored, GitHub Boosts Secret Scanning with LLMs, AUR Supply Chain Attack Today's Highlights This week, a critical RCE vulnerability in AMD hardware went unpatched, highlighting vendor inaction, while GitHub significantly enhanced its secret scanning using LLM-driven verification to reduce false positives. Additionally, a widespread supply chain attack compromised hundreds of AUR packages with an infostealer, demanding immediate attention from Arch Linux users. The RCE that AMD wouldn't fix (Hacker News) Source: https://mrbruh.com/amd2/ This report details a critical Remote Code Execution (RCE) vulnerability affecting AMD hardware, which the vendor reportedly declined to fix. The article delves into the technical specifics of the RCE, outlining the exploit vector and potential impact. Such vulnerabilities allow attackers to execute arbitrary code on a compromised system, often leading to full system control, data exfiltration, or further network penetration. The disclosure highlights the challenges faced by security researchers when vendors are unresponsive to critical findings, leaving users exposed. It emphasizes the importance of independent security research and transparent vulnerability reporting for the wider tech ecosystem. Comment: A developer should be deeply concerned when a major hardware vendor like AMD refuses to patch a severe RCE. This forces users to either accept the risk or seek third-party mitigations, underscoring the need for robust supply chain security diligence beyond just software. Making secret scanning more trustworthy: Reducing false positives at scale (GitHub Blog) Source: https://github.blog/security/making-secret-scanning-more-trustworthy-reducing-false-positives-at-scale/ GitHub's security team details their efforts to enhance their secret scanning service by significantly reducing false positives. The article focuses on the implementation of context-aware LLM (Large Language Model) reasoning in the verification step of secret
AI 资讯
🗺️ The Ultimate Cybersecurity Roadmap (Momentum-First Learning System)
Most cybersecurity roadmaps fail beginners. They give you a long list of topics like Linux, Networking, Python, and Security tools without any order or direction. This makes people confused, overwhelmed, and they usually quit early. This roadmap is different. It follows a momentum-first learning system, where every step builds on the previous one. You don’t just learn topics — you grow step by step like a system. The goal is simple: You always know what to learn next and why you are learning it. 🧠 How This Roadmap Works Instead of random learning, this roadmap is divided into phases. Each phase: builds real skills connects with the next phase moves from basic → advanced focuses on practical understanding By the end, you will understand how systems work, how they are built, how they are tested, and how they are secured. 🟢 PHASE 1: 🧠 The Signal Awakening Protocol (System Basics) Goal: Understand how computers and the internet actually work. Topics Google Dorking Using advanced search techniques to find specific information on the internet. You learn how search engines work beyond normal searches. OSINT (Open Source Intelligence) Collecting information from public sources like websites, social media, and forums. You learn how to gather data like a digital investigator. How Web Browsers Work Understanding how a browser sends requests and receives data from servers. This helps you understand what happens behind every website you open. Introduction to Computers & Operating Systems Basic understanding of CPU, RAM, storage, and how operating systems manage everything. This is the foundation of all cybersecurity. Virtualization (VirtualBox / VMware) Running a virtual computer inside your main computer. You use this to create a safe lab for practice. Linux Basics Learning how to use Linux systems. Most servers and cybersecurity tools run on Linux, so this is important. Bash Scripting Writing simple scripts to automate tasks in Linux. You move from manual work to automation. O
AI 资讯
How to Actually Check if a VS Code Extension is Safe Before You Install It
You're about to install a VS Code extension. Maybe it's a formatter, a linter, a theme, an AI tool....
安全
South Korea hits Coupang with $400M+ fine for data breach that affected millions
South Korean authorities issued the record-breaking fine following a data breach that affected over 30 million customers.
AI 资讯
Building Taocarts’ Anti-Fraud Risk Control System: Eliminating Malicious Exploitation of Coupons, Points, and Promotions
Cross-border purchasing platforms commonly use marketing tactics such as coupons, registration points, order rebates, and spend-based discounts to acquire new users and boost engagement. However, public promotions are prime targets for “wool hunters” (fraudsters) who exploit batch account registration, fake orders, malicious order spamming, and combined discount abuse to drain platform benefits, causing direct financial losses. Most purchasing systems lack dedicated event risk controls, making them highly vulnerable to batch exploitation as soon as a promotion goes live. This not only leads to financial losses but also crowds out genuine user benefits and distorts campaign effectiveness. This article details Taocarts’ comprehensive anti-fraud risk control framework, which uses multi‑dimensional behavior detection, rule‑based blocking, and account risk assessment to accurately distinguish real users from malicious exploiters, ensuring fair and controllable marketing activities. First, we identify common malicious exploitation scenarios and system vulnerabilities in cross‑border platforms: Batch account registration – Using new‑user exclusive coupons and registration points to harvest benefits repeatedly. Fake order placement and cancellation – Repeatedly claiming limited‑time discounts or rebates by placing and then canceling orders. Multiple accounts from the same device/IP – Spamming orders to consume activity quotas. Illegal discount stacking – Violating platform rules by combining multiple coupons or point deductions. Activity volume manipulation – Generating fake orders to earn activity rewards or points, creating false engagement data. Traditional systems have no risk rules and cannot detect batch operations or abnormal behavior, leading to wasted marketing spend and campaigns that actually lose money. Taocarts builds a fine‑grained anti‑exploit rule engine based on four dimensions: user behavior, device information, network characteristics, and order data, ena
AI 资讯
Practice exams are a diagnostic, not a scoreboard: how to study for Security+ (SY0-701)
Most people studying for Security+ use practice questions the wrong way. They take a 90 question set, score a 74, feel bad, take another set the next day, score a 76, and call that progress. Two weeks later the number has barely moved and they have no idea why. The score is the least useful thing a practice exam gives you. What you actually want is a map of what you do not know yet. Here is the approach that worked for getting through SY0-701 without burning out on endless question sets. Start cold, on purpose Before you study a single domain, take a full practice exam and do not look anything up. It will feel bad. That is the point. A cold score tells you where you actually stand, not where your notes say you should be. SY0-701 is split into five domains, and they are not weighted evenly: 1.0 General Security Concepts (12%) 2.0 Threats, Vulnerabilities, and Mitigations (22%) 3.0 Security Architecture (18%) 4.0 Security Operations (28%) 5.0 Security Program Management and Oversight (20%) Domain 4 alone is more than a quarter of the exam. If you bomb Security Operations and ace General Concepts, splitting your time evenly between them is a mistake. A cold diagnostic shows you that split in about an hour. If you want one to start with, there is a free diagnostic exam at secplusmastery.com/diagnostic that breaks your result down by domain so the holes are easy to see. Review the wrong answers, and the right ones too This single habit moved my scores more than anything else: for every question I missed, I wrote down why each wrong option was wrong, not just why the correct one was correct. Security+ loves distractors that are real terms used in the wrong context. A question about a control that prevents an attack will offer you a control that detects one, and a control that corrects after the fact, all as plausible answers. If you only learn that the answer was C, you learn nothing you can reuse. If you learn that B was a detective control and the scenario asked for a p
AI 资讯
What is Data Encryption? A Complete 2026 Guide for Developers & Security Teams
Imagine you lose your work laptop on a commute. It holds 3 years of customer PII, internal product roadmaps, and access keys to your company's cloud infrastructure. Without full disk encryption enabled, anyone who finds the device can access every file in 10 minutes or less with a free bootable USB tool. With encryption enabled? They'll never access your data, even if they brute-force the password for decades. Per IBM's 2025 Cost of a Data Breach Report, organizations that use encryption save significantly on breach costs compared to teams that skip encryption. As cyber threats grow more sophisticated, and quantum computing edges closer to breaking legacy cryptographic standards, encryption is no longer an optional add-on—it's a core requirement for every digital system. This guide breaks down everything you need to know about data encryption, from core concepts to 2026's latest post-quantum developments, with actionable best practices for teams of all sizes. Table of Contents Core Concepts of Data Encryption How Does Data Encryption Work? Key Data Encryption Algorithms (2026 Approved & Deprecated) Encryption for All 3 Data States: At Rest, In Transit, In Use Real-World Data Encryption Use Cases Encryption Standards & Compliance Regulations Data Encryption Best Practices Common Encryption Mistakes to Avoid 2024-2026 Encryption Trends & Future Developments Conclusion & Key Takeaways References Core Concepts of Data Encryption Data encryption is a cryptographic process that converts human-readable plaintext into unreadable scrambled ciphertext using mathematical algorithms and secret keys. Only authorized parties with the correct decryption key can reverse the process to recover the original plaintext. Core Benefits of Encryption Encryption provides three non-negotiable security properties: Confidentiality : Only authorized users can access sensitive data Authentication : Verifies the origin of encrypted data Integrity : Confirms encrypted data has not been tampered w
科技前沿
Windows 11 sucks slightly less now, thanks to a June update
The update brings a low-latency profile, speeds up search, and patches hundreds of flaws.