News

Reconfigure local app settings via a 'simple' POST request

A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people's personal computers, spy on their local chats, and even control the models the victim's app talks to, in extreme cases by serving poisoned models.…

Intruders hoped no one would notice their presence

Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux servers.…

Toronto company says weekend cyber raid hit internal IT, not punters' wallets

Canadian casino software slinger Bragg Gaming Group has disclosed a "cybersecurity incident," though it's adamant the intruders never got their hands on customer data.…

Tulsi Gabbard boasts Washington forced Blighty to drop iPhone encryption fight

The UK government has reportedly abandoned its attempt to strong-arm Apple into weakening iPhone encryption after the White House forced Blighty into a quiet climb-down.…

Developer demand for sovereign cloud from tech giant is on the rise, says exec

Interview  Google's President of Customer Experience, Hayete Gallot, offered some words of comfort to developers who are looking nervously at the rise of AI assistants while also laying out her vision for cloud sovereignty.…

CEO says if you buy all your infosec stuff from him, life under assault from bots will be less painful

Brace for a new round of browser wars, according to Palo Alto Networks CEO Nikesh Arora.…

High accuracy scores come from conditions that don't reflect real-world usage

Facial recognition technology has been deployed publicly on the basis of benchmark tests that reflect performance in laboratory settings, but some academics are saying that real-world performance doesn't match up.…

Spy vs spy in the chips

Comment  Chinese state media called the US an aspiring "surveillance empire" over its proposed use of asset tracking tags to crack down on black-market GPU shipments to the Middle Kingdom.…

Supply chain breach has been a major target of legal action

Microsoft-owned talk-to-text outfit Nuance has agreed to cough up $8.5 million to settle a class action lawsuit over the sprawling MOVEit Transfer mega-breach – although it admits no liability.…

HR SaaS giant insists core systems untouched

Workday has admitted that attackers gained access to one of its third-party CRM platforms, but insists its core systems and customer tenants are untouched.…