
35 matches found

Microsoft Secure
added 2026/05/14 2:20 p.m. | 6 views

When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps

In this article 1. Background 2. What is an exploitable misconfiguration? 3. Exploitable misconfigurations in popular AI applications 4. Minimizing the risk: Practical deployment guidance 5. How Microsoft Defender for Cloud helps detect exposures in Kubernetes 6. Learn more AI and agentic...

6.6 AI score
Exploits: 0
Nvidia
added 2025/12/02 12:0 a.m. | 3 views

Security Bulletin: NVIDIA Triton Inference Server - December 2025

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

7.5 CVSS | 6.9 AI score | 0.00113 EPSS
Exploits: 0 | Affected Software: 1
Nvidia
added 2025/11/11 12:0 a.m. | 5 views

Security Bulletin: NVIDIA Triton Inference Server - November 2025

NVIDIA has released a software update for NVIDIA Triton Inference Server. To protect your system, download and install the latest release from the Triton Inference Server Releases page on GitHub and view the Secure Deployment Considerations Guide. Go to NVIDIA Product Security. Details The...

6.5 CVSS | 6.7 AI score | 0.00074 EPSS
Exploits: 0 | Affected Software: 1
EUVD
added 2025/10/07 12:30 a.m. | 2 views

EUVD-2020-30124

Malware in sbrugna...

6.5 CVSS | 6.5 AI score | 0.00621 EPSS
Exploits: 0 | References: 3
EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2023-23786

Malicious code in bioql PyPI...

7.8 CVSS | 7.6 AI score | 0.00095 EPSS
Exploits: 0 | References: 1
Packet Storm News
added 2025/08/08 12:0 a.m. | 1 views

MALRIS: Malicious Hardware in RIS-Assisted Wireless Communications

Reconfigurable intelligent surfaces (RIS) enhance wireless communication by dynamically shaping the propagation environment, but their integration introduces hardware-level security risks. This paper presents the concept of Malicious RIS (MALRIS), where compromised components behave adversarially, ev...

6.8 AI score
Exploits: 0
Packet Storm News
added 2025/08/07 12:0 a.m. | 1 views

PRvL: Quantifying the Capabilities and Risks of Large Language Models for PII Redaction

Redacting Personally Identifiable Information (PII) from unstructured text is critical for ensuring data privacy in regulated domains. While earlier approaches have relied on rule-based systems and domain-specific Named Entity Recognition (NER) models, these methods fail to generalize across formats...

6.9 AI score
Exploits: 0
Wiz blog
added 2025/06/12 11:55 a.m. | 8 views

Wiz Integrates with NVIDIA Enterprise AI Factory Validated Design

Wiz is now included in the NVIDIA Enterprise AI Factory validated design, integrating with NVIDIA AI to help developers securely build and deploy enterprise AI agents at scale...

7.2 AI score
Exploits: 0
RedhatCVE
added 2025/05/23 2:32 a.m. | 5 views

CVE-2023-1552

ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configurati...

7.8 CVSS | 7 AI score | 0.00095 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/05/22 5:34 p.m. | 6 views

CVE-2020-9300

The Access Control issues include allowing a regular user to view a restricted incident, user role escalation to admin, users adding themselves as a participant in a restricted incident, and users able to view restricted incidents via the search feature. If your install has followed the secure...

6.5 CVSS | 6.9 AI score | 0.00621 EPSS
Exploits: 0 | References: 1
RedhatCVE
added 2025/03/30 3:32 p.m. | 17 views

CVE-2025-30371

Metabase is a business intelligence and embedded analytics tool. Versions prior to v0.52.16.4, v1.52.16.4, v0.53.8, and v1.53.8 are vulnerable to circumvention of local link access protection in GeoJson endpoint. Self hosted Metabase instances that are using the GeoJson feature could be potential...

2.1 CVSS | 6.9 AI score | 0.00278 EPSS
Exploits: 0 | References: 1
Nvidia
added 2025/02/11 12:0 a.m. | 11 views

Security Bulletin: NVIDIA Triton Inference Server - February 2025

NVIDIA has released a software update for NVIDIA® Triton Inference Server. To protect your system, download and install the latest release from the Triton Inference Server Releases page on GitHub and view the Secure Deployment Considerations Guide. Go to NVIDIA Product Security...

6.5 CVSS | 5.1 AI score | 0.00072 EPSS
Exploits: 0 | Affected Software: 1
Nvidia
added 2024/09/30 12:0 a.m. | 21 views

Security Bulletin: NVIDIA Triton Inference Server - September 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

6.5 CVSS | 5.4 AI score | 0.00208 EPSS
Exploits: 0
GithubExploit
added 2024/09/28 5:11 p.m. | 119 views

Exploit for SQL Injection in Langchain

Proof of Concept for Langchain CVE-2024-8309 Vulnerability...

9.8 CVSS | 8.6 AI score | 0.02002 EPSS
Exploits: 2
Nvidia
added 2024/05/01 12:0 a.m. | 71 views

Security Bulletin: NVIDIA Triton Inference Server - April 2024

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. To protect your system, install the latest release from the Triton Inference Server Releases page on GitHub, and view the Secure Deployment Considerations Guide. Go to NVIDIA...

9 CVSS | 7.3 AI score | 0.06035 EPSS
Exploits: 0 | Affected Software: 1
Nvidia
added 2023/12/19 12:0 a.m. | 31 views

Security Bulletin: NVIDIA Triton Inference Server - December 2023

NVIDIA has released a software update for NVIDIA Triton Inference Server to address the issue disclosed in this bulletin. This issue affects only nondefault deployments that enable dynamic model loading through the model control APIs by using the command line option --model-control explicit...

8.8 CVSS | 8.9 AI score | 0.00243 EPSS
Exploits: 0
ICS
added 2023/07/27 12:0 a.m. | 19 views

PTC KEPServerEX

1. EXECUTIVE SUMMARY CVSS v3 7.5 ATTENTION: Exploitable remotely/low attack complexity Vendor: PTC Equipment: KEPServerEX Vulnerability: Uncontrolled Resource Consumption 2. RISK EVALUATION Successful exploitation of this vulnerability could result in the affected device crashing. 3. TECHNICAL...

7.5 CVSS | 7.6 AI score | 0.00107 EPSS
Exploits: 0 | References: 8
ICS
added 2023/07/18 6:0 a.m. | 16 views

GE Digital CIMPLICITY

1. EXECUTIVE SUMMARY CVSS v3 6.6 ATTENTION: Low attack complexity Vendor: GE Digital Equipment: CIMPLICITY Vulnerability: Heap-based Buffer Overflow 2. RISK EVALUATION Successful exploitation of this vulnerability could allow an attacker to cause memory corruption issues resulting in unwanted...

9.8 CVSS | 8.5 AI score | 0.00187 EPSS
Exploits: 0 | References: 8
OSV
added 2023/04/11 3:15 p.m. | 2 views

CVE-2023-1552

ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configurati...

7.8 CVSS | 7.1 AI score | 0.00095 EPSS
Exploits: 0 | References: 1
NVD
added 2023/04/11 3:15 p.m. | 13 views

CVE-2023-1552

ToolboxST prior to version 7.10 is affected by a deserialization vulnerability. An attacker with local access to an HMI or who has conducted a social engineering attack on an authorized operator could execute code in a Toolbox user's context through the deserialization of an untrusted configurati...

7.8 CVSS | 6.8 AI score | 0.00095 EPSS
Exploits: 0 | References: 1