Hackers are now exploiting the safety of open-source apps to sideload malware, and on LinkedIn of all places

Once up and running, that malicious DLL file pops a Python interpreter onto the system, which runs a script to create a ...
The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...

AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud ...
SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...
Cybernews

LinkedIn DM phishing campaign targets high-value execs with weaponized file downloads

A phishing campaign targeting carefully selected “high-value” corporate employees has been using LinkedIn direct messages to deliver weaponized downloads, highlighting how criminals are shifting away ...
TechBooky

How Hackers Spread RAT Malware via DLL Sideloading in LinkedIn Messages

Researchers studying cybersecurity have discovered a new and sophisticated phishing effort that spreads dangerous payloads ...
The Hacker News

Hackers Use LinkedIn Messages to Spread RAT Malware Through DLL Sideloading

Researchers found a LinkedIn phishing campaign delivering a remote access trojan via DLL sideloading, WinRAR SFX files, and ...
MIT Technology Review

The Download: digitizing India, and scoring embryos

Nandan Nilekani can’t stop trying to push India into the future. He started nearly 30 years ago, masterminding an ongoing ...
InfoQ

MIT's Recursive Language Models Improve Performance on Long-Context Tasks

Researchers at MIT's CSAIL published a design for Recursive Language Models (RLM), a technique for improving LLM performance ...
eWeek

1X Neo Binge-Watches YouTube to Learn Your Chores

Who knew binge-watching YouTube could count as robotics R&D? 1X has plugged a 14-billion-parameter 1X World Model (1XWM) into ...
JD Supra

M&A in the AI Era: What Buyers Can Do to Confirm and Protect Value

As artificial intelligence (AI) continues to become a core differentiator across industries, dealmakers are seeing more transactions where a ...