Netflix has paid out more than $1 million for vulnerabilities found in its products since the launch of its bug bounty program in 2016.
The post Netflix Paid Out Over $1 Million via Bug Bounty Program appeared first on SecurityWeek.
OpenAI Forms Safety Committee as It Starts Training Latest Artificial Intelligence Model
OpenAI is setting up a new safety and security committee and has begun training a new artificial intelligence model to supplant the GPT-4 system that underpins its ChatGPT chatbot.
The post OpenAI Forms Safety Committee as It Starts Training Latest Artificial Intelligence Model appeared first on SecurityWeek.
Christie’s Confirms Data Breach After Ransomware Group Claims Attack
Auction house Christie’s has confirmed suffering a data breach following a ransomware attack launched earlier this month.
The post Christie’s Confirms Data Breach After Ransomware Group Claims Attack appeared first on SecurityWeek.
Google Patches Fourth Chrome Zero-Day in Two Weeks
Exploited in the wild, Chrome vulnerability CVE-2024-5274 is a high-severity flaw described as a type confusion in the V8 JavaScript and WebAssembly engine.
The post Google Patches Fourth Chrome Zero-Day in Two Weeks appeared first on SecurityWeek.
Beware – Your Customer Chatbot is Almost Certainly Insecure: Report
As chatbots become more adventurous, the dangers will increase.
The post Beware – Your Customer Chatbot is Almost Certainly Insecure: Report appeared first on SecurityWeek.
CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw
CISA has added CVE-2023-43208, an unauthenticated remote code execution vulnerability, to its KEV catalog.
The post CISA Warns of Attacks Exploiting NextGen Healthcare Mirth Connect Flaw appeared first on SecurityWeek.
User Outcry as Slack Scrapes Customer Data for AI Model Training
Slack reveals it has been training AI/ML models on customer data, including messages, files and usage information. It’s opt-in by default.
The post User Outcry as Slack Scrapes Customer Data for AI Model Training appeared first on SecurityWeek.
Microsoft Quick Assist Tool Abused for Ransomware Delivery
The Black Basta group abuses remote connection tool Quick Assist in vishing attacks leading to ransomware deployment.
The post Microsoft Quick Assist Tool Abused for Ransomware Delivery appeared first on SecurityWeek.
Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities
Patch Tuesday: Microsoft documents 60 security flaws in multiple software products and flags an actively exploited Windows zero-day for urgent attention.
The post Microsoft Warns of Active Zero-Day Exploitation, Patches 60 Windows Vulnerabilities appeared first on SecurityWeek.
Zscaler Confirms Only Isolated Test Server Was Hacked
Zscaler has completed its investigation into the recent hacking claims and found that only an isolated test environment was compromised.
The post Zscaler Confirms Only Isolated Test Server Was Hacked appeared first on SecurityWeek.
