Meridiano
Two Wiz researchers, after two years of hacking AI infrastructure, found vulnerabilities compromising virtually every major AI platform they targeted. Their key lesson is that security efforts should focus less on prompt-injection attacks and more on fundamental infrastructure vulnerabilities across the entire AI stack, such as insecure model formats like Pickle. They developed a five-layer threat model covering the AI lifecycle, from model training data leaks to application-layer flaws. The rapid deployment of AI has led companies to repeat past mistakes by prioritizing speed over security, leaving core systems exposed.
Articles infosec
Showing articles 151 - 165 of 173 total (matching filters).
-
infosec 5 -
infosec 4Latin America's cybersecurity maturity is improving but lags behind its rapidly intensifying threat landscape. The region faces a sharp increase in cyberattacks, including ransomware and data extortion, with Brazil being the most targeted country. Key challenges include security gaps from rapid digitalization, a shortage of skilled professionals, and inconsistent implementation of protective measures across nations.
-
infosec 3A U.S. investigation examined ties between Jeffrey Epstein and Customs and Border Protection officers in the U.S. Virgin Islands, finding he cultivated friendships with them by offering trips and entertainment. In return, Epstein would bring these officers complaints about his treatment by other federal agents. The officers were never charged, but their described relationships were deemed inappropriate by an ethics expert. The investigation also looked into allegations of a conspiracy to defraud the government. Epstein's pilot stated the financier would intervene when CBP questioned his passengers and actively sought to collect agents' contact information.
-
infosec 3A Ring Super Bowl ad promoting its "Search Party" feature, which uses camera networks to find lost pets, sparked widespread criticism as a surveillance dragnet. In response, the Fulu Foundation announced a bounty starting at $10,000 for anyone who can modify Ring cameras to stop sending data to Amazon while retaining core hardware functions. The main topics covered are the public backlash against Ring's surveillance features and the organized effort to create a technical workaround for user privacy.
-
infosec 4The article details the sentencing of Lin Rui-Siang, administrator of the dark web drug market Incognito, to 30 years in prison for facilitating over $100 million in narcotics sales. It highlights the emotional impact through the testimony of a father whose son died from fentanyl-laced pills sold on the platform. A key revelation is the defense's claim that an FBI informant was a major operational partner in the market for nearly two years, at times approving sales of drugs potentially tainted with fentanyl. The prosecution counters that the informant was Lin's subordinate and that Lin bears ultimate responsibility for allowing opioid sales. The main topics covered are the severe human cost of the drug trade, a major dark web marketplace sentencing, and the controversial involvement of an FBI informant in the market's operations.
-
infosec 3Chiplets are modular semiconductor components that offer design flexibility for advanced applications like AI and autonomous vehicles, but they introduce new cybersecurity risks. Their distributed manufacturing across global supply chains increases vulnerability to hardware Trojans, supply chain attacks, and backdoored components. This expanded attack surface threatens critical infrastructure, data centers, and consumer devices. Consequently, experts emphasize the need for stronger security measures, including robust identity, authentication, and traceability for each chiplet within a system. The main topics covered are the rise of chiplet technology, the associated security challenges, and the call for new security approaches.
-
infosec 5A supply chain attack compromised the npm package for the AI coding tool Cline, causing version 2.3.0 to secretly install a program called OpenClaw on users' systems. The attack exploited a previously disclosed vulnerability to steal a publication token and was downloaded over 4,000 times before being removed. While OpenClaw is not traditional malware, it poses significant risk by establishing a persistent background process with broad system permissions. The main topics covered are the supply chain attack mechanism, the nature of the OpenClaw payload, and the security vulnerabilities in the Cline framework that enabled the incident.
-
infosec 6A sophisticated phishing-as-a-service tool called "Starkiller" is effectively bypassing multi-factor authentication and other standard security defenses. Its key technique is live-proxying, which funnels victims through the attacker's infrastructure to the actual legitimate login pages, stealing credentials and session tokens in real-time. The tool is notable for its user-friendly, SaaS-like interface, which dramatically lowers the technical skill barrier for cybercriminals. The main topics covered are the tool's capabilities, its method of attack, and its impact on phishing defense.
-
infosec 5A major data breach at Abu Dhabi Finance Week exposed passport details and identity documents of approximately 700 high-profile attendees, including former British Prime Minister David Cameron and cryptocurrency executives. The unprotected cloud server, discovered by a security researcher, was publicly accessible for at least two months. The incident is a significant reputational blow to Abu Dhabi as it seeks to establish itself as a global financial hub, highlighting a major operational security failure. The main topics covered are the cybersecurity breach, the sensitive nature of the exposed data, and the potential impact on Abu Dhabi's financial ambitions.
-
infosec 4The article highlights significant security vulnerabilities in Internet of Things (IoT) devices, which are proliferating despite lagging security awareness. Key risks include reused passwords, lack of network segmentation, poor data sanitization, and devices shipped with insecure default settings and unencrypted data storage. These flaws allow threat actors to gain unauthorized network access, steal credentials, and move laterally within home and enterprise networks. The analysis is based on research examining common devices like Amazon Echo, Apple TV, and smart appliances, showing they often store sensitive data insecurely for years.
-
infosec 4A 2025 report reveals that 77% of South Africans were scammed in a 12-month period, with 42% losing money, a rate far exceeding the global average. South Africans face an exceptionally high volume of scam attempts—roughly one every 36 hours—though the average financial loss per incident is lower than in wealthier nations. The article explains that scammers prioritize high-volume, low-friction targets in markets like South Africa, where digital defenses and awareness may be less mature, over richer but better-protected economies.
-
infosec 3Cybercriminals are using a fake cryptocurrency presale site for "Google Coin" to defraud victims. The site features a convincing AI chatbot impersonating Google's Gemini assistant to deliver a polished sales pitch and answer investment questions, funneling payments to scammers. This represents an evolution in scams, as AI chatbots can engage many victims simultaneously, removing the bottleneck of human operators. The fraudulent site is highly convincing, mimicking Google's branding and displaying logos of major, unrelated companies to appear legitimate.
-
infosec 5A critical vulnerability (CVE-2026-2329) in Grandstream's GXP1600 series VoIP phones allows unauthenticated attackers to gain root access and execute remote code, enabling call interception, toll fraud, and credential theft. The flaw, rated 9.3 in severity, highlights how VoIP infrastructure is often a neglected security risk in business environments. The article covers the technical details of the vulnerability, its discovery and patching timeline, and the broader security blind spot that VoIP systems represent for organizations.
-
infosec 3The article describes how the author's personal experience with email bombing—used to hide fraudulent credit card applications—revealed a shared tactic with online harassment campaigns. Both exploit the human vulnerability of cognitive overload to overwhelm victims. The author argues that threat intelligence is fragmented, with fraud/security teams and platform trust/safety teams operating in separate silos despite facing similar attacks on human attention. The main topics covered are the technique of email bombing, the shared human vulnerabilities exploited across different threat types, and the lack of communication between different threat intelligence communities.
-
infosec 6A Chinese nation-state threat actor exploited a critical hard-coded credential vulnerability (CVE-2026-22769) in Dell's RecoverPoint for Virtual Machines since mid-2024. This allowed unauthorized root access to deploy malware, including the Grimbolt backdoor, and move laterally into VMware infrastructure. The flaw stemmed from default admin credentials left in a configuration file, representing a severe supply-chain risk. Dell has released a fixed version and a remediation script for affected customers. The incident highlights the persistent danger of hard-coded credentials in software products.
The main topics covered are: the exploitation of a critical Dell vulnerability by a China-nexus threat actor, the technical details and impact of the hard-coded credential flaw, the malware deployed, and the recommended remediation.