An employee at Elon Musk’s artificial intelligence company xAI leaked a private key on GitHub that for the past two months could have allowed anyone to query private xAI large language models (LLMs) which appear to have been custom made for working with internal data from Musk’s companies, including SpaceX, Tesla and Twitter/X, KrebsOnSecurity has learned. … Read more
A UK court blocked a class action lawsuit over allegations of the under reporting of sewage leaks by six water companies including the debt-laden Thames Water Ltd. The UK’s Competition Appeal Tribunal dismissed the lawsuit that alleged the six water companies significantly under-reported the pollution they caused. The companies would not have been allowed to … Read more
The Turkish government is proposing a controversial new cybersecurity law that could make it a criminal act to report on data breaches. The new legislation proposes penalties for various cybersecurity-related offences. But they key one which has people concerned is this: “Those who carry out activities aimed at targeting institutions or individuals by creating the … Read more
Six vulnerabilities in the popular Rsync file-synchronizing tool were disclosed Wednesday, including critical and high-severity flaws that could risk remote code execution (RCE) and data leakage. The Rsync utility is commonly used in Unix-like operating systems, and the Rsync daemon is frequently used to synchronize and distribute files through public mirrors. The CERT Coordination Center … Read more
An Indian AI startup that helps businesses build custom chatbots has leaked almost 350,000 sensitive files after the data was left unsecured on the web. Ahmedabad-headquartered WotNot left a massive collection of sensitive user information – including scans of passport and identity documents, medical records, resumes, travel itineraries and more – unsecured in a misconfigured … Read more