Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
Customer stories Events & webinars Ebooks & reports Business insights GitHub Skills ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
They're not bad; they're just prompted that way. Sysdig threat hunters documented what they say is the first-ever documented ...
JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.
The Gaslight macOS malware from a North Korean cluster doesn't bypass AI analysis platforms yet, but its 38-message prompt injection cascade makes the direction of travel clear. Here's why this ...
IT之家7 月 3 日消息,安全厂商 Sysdig 昨日宣布,其威胁研究团队首次记录到一例由 AI Agent(智能体)自主完成整个攻击流程的勒索软件攻击,并将该攻击者命名为 JADEPUFFER。 研究人员指出,这是目前公开披露的全球首个有完整记录、完全由 AI Agent 自动执行的勒索软件攻击案例,它利用公开漏洞入侵系统后,自主完成了从侦察、窃取凭证、横向移动到最终加密和摧毁数据库的完整攻击 ...
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading ...
As if the Miasma situation weren't bad enough, now this weapon is spreading like wildfire. Someone open sourced the entire Miasma worm supply-chain attack toolkit, likely using previously compromised ...
安全研究机构 Sysdig 发布报告称,其威胁研究团队发现全球首例完全由 AI 智能体自主执行的勒索软件攻击事件。该攻击被命名为 JADEPUFFER,其显著特征在于全程无需人类干预,即可完成从系统入侵到数据摧毁的完整攻击链路。 攻击溯源显示,初始突破口为一台暴露在公网的 Langflow 服务。攻击者利用 CVE-2025-3248 漏洞,在无需身份验证的情况下远程执行 Python 代码获取主 ...
Terms often used in cybersecurity discussions and education, briefly defined. Your corrections, suggestions, and recommendations for additional entries are welcome: email the editor at [email protected].
如果你平时调大模型 API,大概率遇到过这几种情况:某个平台今天额度用完了,代码直接报错想试新模型,又要去另一个网站申请 Key,重复配置 base ...