Palo Alto Networks

Scam Attacks Taking Advantage of the Popularity of the Generative AI Wave

GenAI-related domains showing suspicious activity are being registered daily, including domains linked to malware such as ransomware and to phishing. The trend in GenAI-related domain registrations mirrors industry milestones.

Two Vulnerabilities Discovered in LangChain GenAI Framework

Researchers identified two vulnerabilities in LangChain, an open-source generative AI framework with over 81,000 stars on GitHub: CVE-2023-46229 and CVE-2023-44467 (LangChain Experimental).

From RA Group to RA World: Evolution of a Ransomware Group

RA World’s attack methods, mapped to MITRE ATT&CK, include exploiting vulnerable servers for initial access, using tools like PsExec and Impacket for credential dumping and lateral movement, and executing ransomware payloads in safe mode.

Analyzing Container Escape Techniques in Cloud Environments

While containers offer efficiency, they are vulnerable to attacks exploiting misconfigurations. Attackers can execute code or escalate privileges, endangering organizational security.

Beware of BadPack: One Weird Trick Being Used Against Android Devices

BadPack is an APK file intentionally packaged in a malicious way. In most cases, this means an attacker has maliciously altered header information used in the compressed file format for APK files.

DarkGate: Dancing the Samba With Alluring Excel Files

Campaigns distributing DarkGate malware use various methods like email attachments and malicious ads. A campaign in March-April 2024 used Samba file shares hosting malicious files for DarkGate infections.

Chinese Cyberespionage Campaign Targets Governmental Entities in the Middle East, Africa, and Asia

The threat actor searches for sensitive information related to diplomatic and economic missions, embassies, military operations, political meetings, ministries of targeted countries, and high-ranking officials.

Leveraging DNS Tunneling for Tracking and Scanning

Threat actors are using DNS tunneling as a means to scan for network vulnerabilities and check the success of phishing campaigns, according to new research from Palo Alto Networks.

Malware-Initiated Vulnerability Scanning is on the Rise

Threat actors have been using scanning methods to pinpoint vulnerabilities in networks or systems for a very long time. Some scanning attacks originate from benign networks and are likely driven by malware on infected machines.

Exposing a New BOLA Vulnerability in Grafana

This vulnerability, tracked as CVE-2024-1313 with a CVSS score of 6.5, allows low-privileged Grafana users to delete dashboard snapshots belonging to other organizations using the snapshot's keys, impacting the integrity of the system.
