Security Boulevard

How Escape AI Pentesting Exploited SSRF in LiteLLM

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Decrypt

OpenAI Rolls Out Advanced Account Security for ChatGPT Users

OpenAI's new opt-in security feature requires passkeys, limits recovery options, and excludes chats from training.
The Next Web

OpenAI now lets you lock your ChatGPT account with a hardware key. Here is why it thinks you should.

OpenAI's Advanced Account Security replaces passwords with hardware keys and passkeys, disables email recovery, and opts users out of model training. Co-branded YubiKeys cost $68 for two.
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...