Researchers from Google DeepMind, Cornell University, and other institutions have discovered that the popular AI chatbot ChatGPT is susceptible to leaking data when prompted to repeat certain words.

The integration of BlueVoyant and Conquest Cyber will provide customers with more self-service capabilities and autonomous operations through the use of AI, machine learning, and virtual data lakes.

A new set of tools, including a backdoor, a credential-stealing module, and a customized version of Mimikatz, has been used in targeted attacks against organizations in the Middle East, Africa, and the U.S.

Black Basta has collected over $100 million in ransom payments from over 90 victims since April 2022. High-profile victims targeted by Black Basta include the American Dental Association, Sobeys, Knauf, Yellow Pages Canada, and Rheinmetall.

Vigil focuses on identifying prompt injections, jailbreaks, and other potential vulnerabilities. Its creator, Adam M. Swanda, developed the tool to improve security practices around LLM applications.

The campaign involves the use of Windows Shortcut files embedded with malicious JavaScript to deliver the components of the trojan, and there are indications that a Chinese-speaking threat actor is behind the attacks based on the samples.

The vulnerability arises from the failure to safely sanitize user-supplied extensible stylesheet language transformations (XSLT), enabling attackers to upload malicious XSLT and gain remote access to Splunk Enterprise instances.

The two actively exploited security flaws, CVE-2023-42916 and CVE-2023-42917, were found in the WebKit web browser engine and could leak sensitive information or allow arbitrary code execution.

North Texas Municipal Water District (NTMWD) has experienced a cyberattack on its business computer network, but its core water, wastewater, and solid waste services remain unaffected.

Additionally, there are unconfirmed reports that Staples employees have been instructed to avoid logging into Microsoft 365 using single sign-on (SSO) and that call center employees have been sent home for two consecutive days.