Palo Alto Networks on Dec. 26 released a patch for a denial-of-service (DoS) flaw in the DNS security feature of the company’s PAN-OS firewall software. The high-severity 8.7 bug — CVE-2024-3393 — lets an unauthenticated attacker send a malicious packet through the data plane of the firewall that actually reboots the device. Palo Alto said … Read more
The Cybersecurity and Infrastructure Security Agency (CISA) on Nov. 7 warned that attackers are exploiting a Palo Alto Expedition missing authentication vulnerability that lets threat actors with network access takeover an Expedition admin account and access configuration secrets and credentials. Expedition is a Palo Alto migration tool that lets security teams convert firewall configurations from … Read more
Nearly three dozen flaws in open-source AI and machine learning (ML) tools were disclosed Tuesday as part of Protect AI’s huntr bug bounty program. The discoveries include three critical vulnerabilities: two in the Lunary AI developer toolkit and one in a graphical user interface (GUI) for ChatGPT called Chuanhu Chat. The October vulnerability report also … Read more
Jetpack released a patch for a critical vulnerability that could let malicious users submit a specially crafted request to the WordPress server to then disclose data submitted by other users — a flaw that left sensitive personal information potentially exposed on 27 million websites. Owned by Automattic, the company behind WordPress, the Jetpack plug-in offers … Read more
SECURITY | AI | MEANING :: Unsupervised Studying is a stream of authentic concepts, story evaluation, tooling, and psychological fashions designed to assist people lead profitable and significant lives in a world filled with AI. TOC NOTES Okay, tons of content material this week—tremendous excited for this episode! Going all-text this time—callback to old-school Upcoming … Read more
