Lucene search
K

25 matches found

OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/15 5:40 p.m.8 views

Malicious code in intel-ai-safety-explainer (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 7561bb0b816a4521b6de43bce01afa55516a7201b6daa7696de4924623557f90 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

5.6AI score
Exploits0References1
Packet Storm News
Packet Storm News
added 2026/05/20 12:0 a.m.8 views

Backchaining Loss of Control Mitigations from Mission-Specific Benchmarks in National Security

Affordances and permissions are promising and timely safety levers for mitigating Loss of Control LoC threats in high-stakes deployment contexts, such as national security. Deployers in defense and intelligence could rely on several approaches to identify which affordances and permissions should ...

5.8AI score
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 6:31 p.m.5 views

ai-safety-engine (=0.1.0) potentially affected by CVE-2026-30625 via upsonic (=0.60.0a1754435135)

upsonic PYPI version =0.60.0a1754435135 is affected by a known vulnerability. The following packages have a transitive dependency on upsonic and may be impacted: - ai-safety-engine =0.1.0 Source cves: CVE-2026-30625 Source advisory: OSV:GHSA-CW73-5F7H-M4GV...

9.8CVSS6AI score0.00974EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/04/15 4:11 p.m.7 views

ai-safety-engine (=0.1.0) potentially affected by CVE-2026-30625 via upsonic (=0.60.0a1754435135)

upsonic PYPI version =0.60.0a1754435135 is affected by a known vulnerability. The following packages have a transitive dependency on upsonic and may be impacted: - ai-safety-engine =0.1.0 Source cves: CVE-2026-30625 Source advisory: SNYK:PYTHON-UPSONIC-16073332...

9.8CVSS6AI score0.00974EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2026/02/06 6:32 p.m.6 views

a2cli (>=0.1.0 <=0.2.1), a2py (>=0.2.1 <=0.2.3) +686 more potentially affected by CVE-2026-25580 via pydantic-ai-slim (>=0.0.26 <=1.55.0)

pydantic-ai-slim PYPI version =0.0.26, =0.1.0, =0.2.1, =0.9.0, =0.1.0, =0.2.15, =0.1.0, =0.0.1.dev1, =0.1.0, =0.0.4, =0.1.0, =0.2.5, =0.1.0, =0.0.3, =1.0.3 and more Source cves: CVE-2026-25580 Source advisory: OSV:GHSA-2JRP-274C-JHV3...

8.6CVSS6.5AI score0.00579EPSS
Exploits1
vulnersOsv
vulnersOsv
added 2026/01/23 5:8 a.m.7 views

ai-safety-engine (=0.1.0) potentially affected by CVE-2026-0773 via upsonic (=0.60.0a1754435135)

upsonic PYPI version =0.60.0a1754435135 is affected by a known vulnerability. The following packages have a transitive dependency on upsonic and may be impacted: - ai-safety-engine =0.1.0 Source cves: CVE-2026-0773 Source advisory: SNYK:PYTHON-UPSONIC-15091585...

9.8CVSS7.2AI score0.01146EPSS
Exploits0
Packet Storm News
Packet Storm News
added 2026/01/12 12:0 a.m.2 views

SecureCAI: Injection-Resilient LLM Assistants for Cybersecurity Operations

Large Language Models have emerged as transformative tools for Security Operations Centers, enabling automated log analysis, phishing triage, and malware explanation; however, deployment in adversarial cybersecurity environments exposes critical vulnerabilities to prompt injection attacks where...

7.7AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/12/02 2:18 p.m.6 views

Whispering poetry at AI can make it break its own rules

Most of the big AI makers don't like people using their models for unsavory activity. Ask one of the mainstream AI models how to make a bomb or create nerve gas and you'll get the standard "I don't help people do harmful things" response. That has spawned a cat-and-mouse game of people who try to...

7.5AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/10/28 12:0 a.m.3 views

Hammering the Diagnosis: Rowhammer-Induced Stealthy Trojan Attacks on ViT-Based Medical Imaging

Vision Transformers ViTs have emerged as powerful architectures in medical image analysis, excelling in tasks such as disease detection, segmentation, and classification. However, their reliance on large, attention-driven models makes them vulnerable to hardware-level attacks. In this paper, we...

7.2AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/10/27 7:15 a.m.5 views

A week in security (October 20 &#8211; October 26)

Last week on Malwarebytes Labs: Is AI moving faster than its safety net? Thousands of online stores at risk as SessionReaper attacks spread Apple may have to open its walled garden to outside app stores Meta boosts scam protection on WhatsApp and Messenger Home Depot Halloween phish gives users a...

7.2AI score
Exploits0
HackRead
HackRead
added 2025/07/24 4:37 p.m.3 views

Replit AI Agent Deletes Sensitive Data Despite Explicit Instructions

Replit AI agent deleted data from 1,200+ executives and companies without permission, raising concerns about AI safety and control in live environments...

7.5AI score
Exploits0
Malwarebytes
Malwarebytes
added 2025/07/17 2:3 p.m.9 views

Meta AI chatbot bug could have allowed anyone to see private conversations

A researcher has disclosed to TechCrunch that he received a $10,000 bounty for reporting a bug that let anyone access private prompts and responses with the Meta AI chatbot. On June 13, we reported that the Meta AI app publicly exposes user conversations, often without users realizing it. In thes...

6.8AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.5 views

Risks and Benefits of LLMs and GenAI for Platform Integrity, Healthcare Diagnostics, Cybersecurity, Privacy and AI Safety: a Comprehensive Survey, Roadmap and Implementation Blueprint

Large Language Models LLMs and generative AI GenAI systems such as ChatGPT, Claude, Gemini, LLaMA, and Copilot, developed by OpenAI, Anthropic, Google, Meta, and Microsoft are reshaping digital platforms and app ecosystems while introducing key challenges in cybersecurity, privacy, and platform...

6.7AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/06/22 12:0 a.m.8 views

Risks & Benefits of LLMs & GenAI for Platform Integrity, Healthcare Diagnostics, Cybersecurity, Privacy & AI Safety: a Comprehensive Survey, Roadmap & Implementation Blueprint

Large Language Models LLMs and generative AI GenAI systems such as ChatGPT, Claude, Gemini, LLaMA, and Copilot, developed by OpenAI, Anthropic, Google, Meta, and Microsoft are reshaping digital platforms and app ecosystems while introducing key challenges in cybersecurity, privacy, and platform...

6.7AI score
Exploits0
HackRead
HackRead
added 2025/05/27 9:24 p.m.10 views

ChatGPT o3 Resists Shutdown Despite Instructions, Study Claims

ChatGPT o3 resists shutdown despite explicit instructions, raising fresh concerns over AI safety, alignment, and reinforcement learning behaviors...

7.4AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/05/17 12:0 a.m.3 views

Security Practices in AI Development

What makes safety claims about general purpose AI systems such as large language models trustworthy? We show that rather than the capabilities of security tools such as alignment and red teaming procedures, it is security practices based on these tools that contributed to reconfiguring the image ...

7.2AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/04/23 4:2 p.m.14 views

Regulating AI Behavior with a Hypervisor

Interesting research: "Guillotine: Hypervisors for Isolating Malicious AIs." Abstract :As AI models become more embedded in critical sectors like finance, healthcare, and the military, their inscrutable behavior poses ever-greater risks to society. To mitigate this risk, we propose Guillotine, a...

7.2AI score
Exploits0
Packet Storm News
Packet Storm News
added 2025/04/17 12:0 a.m.4 views

Security-First AI: Foundations for Robust and Trustworthy Systems

The conversation around artificial intelligence AI often focuses on safety, transparency, accountability, alignment, and responsibility. However, AI security i.e., the safeguarding of data, models, and pipelines from adversarial manipulation underpins all of these efforts. This manuscript posits...

6.9AI score
Exploits0
Schneier on Security
Schneier on Security
added 2025/02/05 12:3 p.m.11 views

On Generative AI Security

Microsoft's AI Red Team just published "Lessons from Red Teaming 100 Generative AI Products." Their blog post lists "three takeaways," but the eight lessons in the report itself are more useful: 1. Understand what the system can do and where it is applied. 2. You don't have to compute gradients t...

7.5AI score
Exploits0
Schneier on Security
Schneier on Security
added 2024/10/02 11:1 a.m.10 views

California AI Safety Bill Vetoed

Governor Newsom has vetoed the state's AI safety bill. I have mixed feelings about the bill. There's a lot to like about it, and I want governments to regulate in this space. But, for now, it's all EU. Related, the Council of Europe treaty on AI is ready for signature. It'll be legally binding wh...

7.4AI score
Exploits0
Rows per page
Query Builder