AI news from Ars Technica

Serving the Technologist since 1998. News, reviews, and analysis.
Biz & IT - Ars Technica

  1. Critical Copilot vulnerability allowed hackers to steal 2FA code from users

    SearchLeak exploit shows why the industry's approach to LLM security fails over and over.

  2. Users cry foul after AMD stripped memory crypto from its consumer CPUs

    AMD's stripping of TSME from consumer CPUs appears to be a deliberate, covert move.

  3. PeopleSoft 0-day affecting hundreds of organizations steals gigabytes of data

    Vulnerability in the Oracle-owned PeopleSoft software is about as critical as they come.

  4. Locked in heated rivalry with researcher, Microsoft fixes 0-day they disclosed

    A separate zero-day also disclosed by Nightmare Eclipse appears to be patched as well.

  5. High-severity vulnerability in Linux caused by a single faulty character

    Use-after-free bug can be exploited to evade sandbox defenses.

  6. For the 2nd time in weeks, Microsoft packages laced with credential stealer

    73 packages run self-replicating stealer as soon as they're opened by an AI agent.

  7. How a USB-connected speaker can infect a PC without ever being touched

    Seller of the Sound Blaster Katana V2X doesn't consider the behavior a vulnerability.

  8. Dashlane explains how attackers managed to download encrypted password vaults

    By targeting large numbers of users, attackers increased their chances of success.

  9. Can't make sense of Dashlane's vault theft notification? You're not alone.

    Security advisory leaves out key details. Dashlane maintains complete silence.

  10. Dozens of Red Hat packages backdoored through its official NPM channel

    Anyone who has downloaded affected Red Hat packages should investigate immediately.

Find a Wide Selection of Products and Deals - Shop Now on Amazon