Week 46 in Review: Molerats Change Tactics, Flaws in AI Tools, Developers Under Attack
This week I covered the Molerats group’s adoption of a more advanced payload for its espionage campaign, more than dozen vulnerabilities found in an handful of popular AI tools, and a README feature on the targeting of developers through the software supply chain.
The security holes can allow server takeover, information theft, model poisoning, and more. (16 November 2023)
Developers must be increasingly wary of actively malicious code that makes its way into their software supply chains. (15 November 2023)
The so-called TA402 group continues to focus on cyber espionage against government agencies with the “IronWInd” malware. (14 November 2023)