The Cybersecurity and Infrastructure Agency (CISA) has added three vulnerabilities to its Known Exploited Vulnerabilities catalog, one of which is a critical flaw in Sophos Web Appliance that was patched in April 2023. Despite the patch, active exploitation of the vulnerability has been noted, highlighting the common practice among attackers of targeting older vulnerabilities.
Tenable Finds DeepSeek AI Can Be Manipulated to Generate Malware
A study by cybersecurity firm Tenable shows that DeepSeek R1, a large language model, can be manipulated into creating malware, such as keyloggers and ransomware.
