Getting salty with LLMs: SophosAI unveils new defense against jailbreaking at CAMLIS 2025
On October 22-24, SophosAI will present research on ‘LLM salting’ (a novel countermeasure against jailbreaks) and command line classification at CAMLIS 2025
Similar Posts
Former Disney Employee Admits to Hacking Menu System to Change Allergy Information
Bys sLucas Ropek reports: A former Disney employee who was fired for misconduct has admitted to hacking into the company’s menu creation software to alter key details, including food allergy information that could have been dangerous to customers at the resort’s restaurants. A complaint brought by the Justice Department last year claimed that a man named…
Supreme Court declines to weigh in on FQHC’s patient data security liability
Bys sDave Muoio reports: The Supreme Court has declined to hear a case on whether a Federally Qualified Health Center is immune from liability over a former patient’s stolen personally identifying information (PII). The class-action lawsuit stemmed from a patient who received care and provided that information to Sandhills Medical Foundation, an FQHC, in 2018. The…
FICORA and Kaiten Botnets Exploit Old D-Link Vulnerabilities for Global Attacks
Cybersecurity researchers are warning about a spike in malicious activity that involves roping vulnerable D-Link routers into two different botnets, a Mirai variant dubbed FICORA and a Kaiten (aka Tsunami) variant called CAPSAICIN. “These botnets are frequently spread through documented D-Link vulnerabilities that allow remote attackers to execute malicious commands via a GetDeviceSettings
Fortinet Urges FortiSwitch Upgrades to Patch Critical Admin Password Change Flaw
Bys sFortinet has released security updates to address a critical security flaw impacting FortiSwitch that could permit an attacker to make unauthorized password changes. The vulnerability, tracked as CVE-2024-48887, carries a CVSS score of 9.3 out of a maximum of 10.0. “An unverified password change vulnerability [CWE-620] in FortiSwitch GUI may allow a remote unauthenticated attacker…
Update on the emerging CL0P extortion campaign targeting Oracle E-Business Suite
Bys sUPDATE: On the emerging CL0P extortion campaign targeting Oracle E-Business Suite (EBS) customers, we can now confirm the actor likely exploited a zero-day vulnerability (CVE-2025-61882) to steal data. Here are the critical updates: ➡️ Confirmed Data Exfiltration: We’ve confirmed the actor successfully exfiltrated large volumes of data from victim environments in August 2025. During negotiations,……
Za: Cell C confirms data breach, warns users to remain vigilant
Bys sNicola Mawson reports: Cell C, South Africa’s fourth largest mobile network operator, said on Wednesday morning that RansomHouse had unlawfully disclosed data after a security breach for which RansomHouse is claiming responsibility. The operator, with 7.7 million subscribers as of February, was attacked in early November 2024 and RansomHouse acquired 2TB of data, which has been corroborated…