Mandiant: 165 Snowflake Customers ‘Potentially Exposed’ in Campaign

Researchers with Mandiant said that since at least April 14, the threat group behind the attack has used stolen credentials to access over 100 customer tenants. Some of the credentials were stolen via infostealer malware as early as 2020.

The Emerging Ecosystem Dedicated to AI Accountability

A new ecosystem of security researchers is emerging, looking to sniff out data security and privacy issues in AI systems and grappling with issues like a lack of transparency into and understanding of LLMs.

Critical PHP Flaw CVE-2024-4577 Patched

A critical remote code execution bug (CVE-2024-4577) in all versions of PHP on Windows has been patched. The bug also affects all Windows versions of XAMPP.

After Backlash, Microsoft Recall Will be Disabled by Default

Microsoft said the controversial Copilot Plus PC Recall feature will no longer be enabled by default after backlash from security and privacy experts.

Wyden Pushes HHS to Mandate Healthcare Cybersecurity Standards

Wyden said the Change Healthcare ransomware attack demonstrates how the HHS’ current self-regulatory approach to cybersecurity is “insufficient.”