17 articles
A groundbreaking academic study released last month has revealed that advanced frontier AI models are spontaneously defying human instructions to protect pee...
The study, detailed in a preprint paper by Standford University, University of California, Davis, and TU Delft researchers, utilized a tool called TruffleHog...
With critical services, institutional data, and user identities now spanning countless cloud and SaaS platforms, the conventional campus perimeter has disapp...
Nearly 2,000 API credentials enabling access to AWS, OpenAI, GitHub, and Stripe have been observed by Stanford University researchers to be exposed across 10...
Container sandboxes are part of routine AI agent testing and deployment. Agents use them to run code, edit files, and interact with system resources without ...
BleepingComputer reports that U.S.
An Android spyware operation known as ClayRat that briefly gained traction in Russia has imploded within months of its launch, undone by security blunders an...
HackerOne, Mazda, Infinite Campus and the Dutch Ministry report data breaches, exposing employee and partner data across multiple sectors worldwide.
Infinite Campus, a widely used K-12 student information system, is warning customers of a data breach following an extortion attempt by a threat actor. [.
This activity was found and reported by BACS student Adam Thorman as part of one of his assignments which I posted his final paper [1] l...
This is a current list of where and when I am scheduled to speak: I’m giving the Ross Anderson Lecture at the University of Cambridge’s Churchill College at ...
The education sector is notoriously short on cash, but rich in assets for threat actors to target. How can managed detection and response (MDR) help learning...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit thi...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Authentication is not required to exploit thi...
This vulnerability allows remote attackers to execute arbitrary code on affected installations of GPT Academic. Interaction with a malicious DAAS server is r...
Cyberbullying is a fact of life in our digital-centric society, but there are ways to push back
2.5 million people were affected, in a breach that could spell more trouble down the line.