A severe security flaw in Meta’s Llama large language model (LLM) framework could enable an attacker to execute arbitrary code on the inference server. The flaw, known as CVE-2024-50050, has a CVSS score of 6.3 and a critical severity rating from Snyk. It’s due to a remote code execution flaw caused by automatically deserializing Python objects. Meta fixed the issue by switching to the JSON format for socket communication. It’s not the first deserialization issue found in AI frameworks.
UnitedHealth cyber attack exposes 190 million in largest US healthcare data breach
UnitedHealth’s Change Healthcare unit suffered a major data breach in February 2024, initially reported to have affected around 100 million individuals but later revised to
