Blog

New EU Vulnerability Database Will Complement Existing Sources, At Least For Now

New EU Vulnerability Database Will Complement Existing Sources, At Least For Now

With the CVE program famously facing funding difficulties, the EU has chosen an opportune time to roll out its new European Vulnerability Database. But, at least for the near term, the database looks to be leaning on the CVE database and other sources and acting as a complement rather than a potential replacement.

Microsoft Makes the First Move Toward a Passwordless Future

Microsoft Makes the First Move Toward a Passwordless Future

A desire to replace the password as the world’s default authentication method has been circulating in the tech world for some time, but there have been almost no moves to force the issue to date. That has changed with Microsoft’s new passwordless policy for new accounts, though it is still far from the “death of the password.”

New Prompt Injection Attack Compromises All AI Models

New Prompt Injection Attack Compromises All AI Models

All of the big LLMs are vulnerable to a new type of prompt injection attack that targets their safety policies, according to security firm HiddenLayer. The attack essentially fully jailbreaks the AI models, exposing the system prompt as well as enabling all different types of dangerous requests.

75 Zero-Days Exploited in the Wild in 2024, Spyware Remains Common

75 Zero-Days Exploited in the Wild in 2024, Spyware Remains Common

When it comes to zero-days and spyware, China and North Korea’s hacking teams head up the leaderboard with five 2024 incidents each. Russia had three, and South Korea one; another three were likely the work of APT groups but a specific nation was not pinned down.

× How can I help you?