Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...
Government Technology

What Is Data Poisoning, and How Can It Hurt the Public Sector?

Editor’s note: These are big, complex topics — so we've spent more time exploring them. Welcome to GT Spotlight. Have an idea for a feature? Email Associate ...
IEEE

Data Poisoning Offensive and Defensive System in FL-enabled Low-Altitude IoT Scenario: Unlearnable Example Attack and Model Similarity Defend

Abstract: Low-altitude Internet of Things (LAIOT) integrates sensing, communication, and edge intelligence within aerial networks. As a distributed training paradigm, federated learning (FL) is a ...
GitHub

Cache Poisoning Param-Miner (Burp Suite Extension)

Cache Poisoning Param-Miner is a Burp Suite extension designed to automate the discovery of "Unkeyed Inputs" HTTP headers or parameters that affect the server's response but are not included in the ...
Smithsonian Magazine

This Massive Web—Home to More Than 100,000 Spiders—Found in a Cave in Europe Could Be the World’s Largest

It may sound like something out of a nightmare, but scientists say they weren’t dreaming when they discovered a massive spiderweb that’s home to more than 110,000 arachnids inside a cave in ...
SecurityWeek

BIND Updates Address High-Severity Cache Poisoning Flaws

The vulnerabilities allow attackers to predict source ports and query IDs BIND will use, and to inject forged records into the cache. The first issue is a weakness in the Pseudo Random Number ...
Ars Technica

Cache poisoning vulnerabilities found in 2 DNS resolving apps

The makers of BIND, the Internet’s most widely used software for resolving domain names, are warning of two vulnerabilities that allow attackers to poison entire caches of results and send users to ...
World Socialist Web Site

Australia: NSW Environmental Protection Agency covers up lead poisoning in Broken Hill children

The New South Wales (NSW) Environmental Protection Agency (EPA) deliberately suppressed for almost four years a study showing lead poisoning of children in Broken Hill as a result of nearby mining ...
The Hacker News

BadIIS Malware Spreads via SEO Poisoning — Redirects Traffic, Plants Web Shells

Cybersecurity researchers are calling attention to a search engine optimization (SEO) poisoning campaign likely undertaken by a Chinese-speaking threat actor using a malware called BadIIS in attacks ...
inforum

Web searches, thallium purchases led to arrest of man accused of fatally poisoning housemate

MOORHEAD — The man arrested this week in Moorhead for murder searched numerous times for how thallium, a highly toxic and odorless metal, could be used as poison and how much and how long it would ...
The Hacker News

Researchers Warn of Sitecore Exploit Chain Linking Cache Poisoning and Remote Code Execution

Three new security vulnerabilities have been disclosed in the Sitecore Experience Platform that could be exploited to achieve information disclosure and remote code execution. Patches for the first ...
SecurityWeek

New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites

A desync attack method leveraging HTTP/1.1 vulnerabilities impacted many websites and earned researchers more than $200,000 in bug bounties. New variants of the HTTP request smuggling attack method ...