[tomek@vz]

Citiraj:

Security researchers and ethical hackers are uncovering new and unexpected places where malicious code can be hidden within IT infrastructure. Even the seemingly innocuous Domain Name System (DNS) – the foundational naming system for all internet-connected devices – can, in theory, be exploited by clever cybercriminals or state-sponsored attackers. This underlines a growing trend: no part of the digital stack is too mundane to become a vector for sophisticated threats.
Hiding ransomware inside a CPU was strange but now, attackers are going even deeper and broader across networks. In a recent discovery, security researchers revealed that a piece of malware had been embedded directly within the Domain Name System, effectively bypassing nearly all advanced security tools.

> Techspot

Citiraj:

As GenAI tools make their way into mainstream apps and workflows, serious concerns are mounting about their real-world safety. Far from boosting productivity, these systems are increasingly being exploited – benefiting cybercriminals and cost-cutting executives far more than end users. Researchers this week uncovered how Google's Gemini model used in Gmail can be subverted in an incredibly simple way, making phishing campaigns easier than ever.
Mozilla recently unveiled a new prompt injection attack against Google Gemini for Workspace, which can be abused to turn AI summaries in Gmail messages into an effective phishing operation. Researcher Marco Figueroa described the attack on 0din, Mozilla's bug bounty program for generative AI services.
We strongly recommend reading the full report if you still think GenAI technology is ready for deployment in production or live, customer-facing products.

> Techspot