❌

Reading view

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group

Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of downloads allow remote attackers to hide malicious code in metadata. The code then executes automatically when a file containing the poisoned metadata is loaded.…

  •  

Federal agencies told to fix or ditch Gogs as exploited zero-day lands on CISA hit list

Git server flaw that attackers have been abusing for months has now caught the attention of US cyber cops

CISA has ordered federal agencies to stop using Gogs or lock it down immediately after a high-severity vulnerability in the self-hosted Git service was added to its Known Exploited Vulnerabilities (KEV) catalog.…

  •  

Court tosses appeal by hacker who opened port to coke smugglers with malware

Dutchman fails to convince judges his trial was unfair because cops read his encrypted chats

A Dutch appeals court has kept a seven-year prison sentence in place for a man who hacked port IT systems with malware-stuffed USB sticks to help cocaine smugglers move containers, brushing off claims that police shouldn't have been reading his encrypted chats.…

  •  

No fire sale for firewalls as memory shortages could push prices higher

In SEC filings, Fortinet and Palo Alto show shrinking product margins taking hold.

PCs and datacenters aren't the only devices that need DRAM. The global memory shortage is roiling the cybersecurity market, with the cost of firewalls expected to balloon and hit both customers and vendors in the pocketbook in 2026, according to research analysts Wedbush.…

  •  
❌