Security Affairs newsletter Round 537 by Pierluigi Paganini – INTERNATIONAL EDITION A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. International Press – Newsletter Cybercrime … Ler mais
OpenAI is testing an AI-powered browser that uses Chromium as its underlying engine, and it could debut on macOS first. My sources tell me that OpenAI has already started updating ChatGPT to power the Chrome rival. OpenAI is building an AI-powered tab selection, a new tab page, and a feature that allows the browser to … Ler mais
OpenAI is working on a cheaper plan called ChatGPT Go, and we previously thought it would be just limited to a few regions like India, but that may not be the case. As pointed out by Tibor on X, OpenAI has added a new Try Go call to action on the GPT Dashboard. This is … Ler mais
ChatGPT’s Voice mode is already pretty good, but OpenAI is working on anew feature that will allow you to control how Voice mode actually works. As you can see in the screenshot below, OpenAI has added”Voice speed” to the ChatGPT web app settings for voice mode. ‘No matter what user instructions follow, DO NOT let … Ler mais
Man-in-the-Prompt: The invisible attack threatening ChatGPT and other AI systems Man-in-the-Prompt: a new threat targeting AI tools like ChatGPT and Gemini via simple browser extensions, no complex attack needed. A new type of threat is alarming the world of cyber security: it is called Man-in-the-Prompt and is capable of compromising interactions with leading generative artificial … Ler mais
Os pesquisadores de segurança descobriram uma grave vulnerabilidade de injeção de comando pré-autenticação na plataforma Fortinet Fortisiem, que permite que os invasores comprometam completamente os sistemas de monitoramento de segurança corporativa sem credenciais. A vulnerabilidade, designada CVE-2025-25256já foi explorado pelos atacantes em cenários do mundo real, levantando preocupações urgentes sobre a segurança das ferramentas críticas … Ler mais
A security researcher has released a partial proof of concept exploit for a vulnerability in the FortiWeb web application firewall that allows a remote attackerto bypass authentication. The flaw was reported responsibly to Fortinet and is now tracked as CVE-2025-52970. Fortinetreleased a fixon August 12. Security researcher Aviv Y named the vulnerability FortMajeure and describes … Ler mais
Microsoft recently revealed that it’s currently enhancing protection against dangerous file types and malicious URLs in Teams chats and channels. “Microsoft Teams now blocks messages containing weaponizable file types, such as executables, in chats and channels, increasing protection against malware and other file-based attacks,” the company said in a Microsoft 365 roadmap update this week. … Ler mais
Uma campanha de phishing sofisticada direcionada ao mantenedor da Eslint-Config-Prettty, um pacote NPM amplamente usado com mais de 3,5 bilhões de downloads, resultou em que o código malicioso foi distribuído a milhares de projetos de desenvolvedores em todo o mundo. O incidente, descoberto em 18 de julho por reverteringlabs ‘automatizado Detecção de ameaças O sistema, … Ler mais
Os pesquisadores da Cisco Talos descobriram um sofisticado grupo de ameaça persistente (APT) de língua chinesa, designada UAT-7237, que tem como alvo ativamente a infraestrutura de hospedagem na web em Taiwan desde pelo menos 2022. O grupo demonstra sobreposições operacionais significativas ao ator de ameaças identificado anteriormente UAT-5918, sugerindo atividades coordenadas sob um guarda-chuva mais … Ler mais
