In the wake of the Salt Typhoon hacks, the US government agencies have reversed course on encryption, urging the use of end-to-end encryption after decades of advocating against it. This is a major turnaround from their previous demands for law enforcement backdoors.
An article discussing ten predictions for the future of data science and artificial intelligence in 2025, covering topics such as AI agents, open-source models, safety, and governance.
OpenAI claims that using ChatGPT to create fake social media posts has made it easier to detect cyber threats from bad actors, as seen in their recent report.
The article discusses how open-source Large Language Models (LLMs) are helping security teams to better detect and mitigate evolving cyber threats.
AI Risk Database is a tool for discovering and reporting the risks associated with public machine learning models. It provides a comprehensive overview of risks and vulnerabilities associated with publicly available models.
The US Commerce Department has proposed new rules requiring developers of large AI models and those providing the infrastructure to train them to report details about their operations. This is in response to concerns about the potential risks posed by advanced AI, including its potential use in cybercrime and the development of weapons.
This blog post explores the rise of Phishing-as-a-Service (PhaaS) and its enhancement by AI, discussing the ease of access to sophisticated phishing tools on the dark web, alarming statistics on the speed and effectiveness of AI-powered phishing campaigns, and the urgent need for AI-native security solutions.
The CrowdStrike incident highlighted weaknesses in email security, with phishers exploiting the situation to target unsuspecting users. RavenMail's red team demonstrates how they simulated the scenario and compromised accounts, exposing gaps in email security products.
Two security vulnerabilities have been disclosed in the Mailcow open-source mail server suite that could be exploited by malicious actors to achieve arbitrary code execution on susceptible instances.
Exploring the unified XDR and SIEM capabilities of Wazuh, a free, open-source security platform that provides robust endpoint and cloud workload protection, threat intelligence, and response, and more. Discusses the platform's features, integration, and scalability.
