Google’s OSS-Fuzz tool, now enhanced with AI capabilities, has discovered 26 new vulnerabilities in open-source projects, including a long-overlooked flaw in the vital OpenSSL library. OSS-Fuzz is a Google-developed fuzzing system that the company has been using to continuously test hundreds of open-source projects since 2016. In August 2023, Google first announced it was working … Read more
A recent cyber attack targeting telematics provider Microlise has highlighted critical vulnerabilities in supply chain security, disrupting tracking services for prominent clients such as DHL and Serco and exposing limited employee data. The breach, disclosed on October 31, led to a significant 16% drop in Microlise’s stock value and raised concerns about the broader implications … Read more
AIs Discovering Vulnerabilities I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better. Here’s some … Read more
Oct 29, 2024Ravie LakshmananAI Security / Vulnerability A little over three dozen security vulnerabilities have been disclosed in various open-source artificial intelligence (AI) and machine learning (ML) models, some of which could lead to remote code execution and information theft. The flaws, identified in tools like ChuanhuChatGPT, Lunary, and LocalAI, have been reported as part … Read more
A thermostat that automatically calibrates to the perfect temperature, a wearable device that tracks employees’ health, and self-parking chairs to keep meeting rooms tidy. This is a glimpse into the future of work, where cutting-edge technology such as AI, IoT, and automation are transforming traditional offices into thriving hubs of innovation and connectivity. However, despite … Read more
