Aggregator

In a decisive move that could reshape how users log in online, the National Cyber Security Centre (NCSC) is urging consumers to abandon passwords in favour of passkeys, positioning them as the future of authentication. “Passkeys should become consumers’ first choice for logging into digital services,” NCSC said. Overhauling decades of security guidance, the agency will no longer recommend passwords where passkeys are available, citing their weaker resistance to current cyber threats. Since most breaches … More →

The post Users advised to drop passwords and make room for passkeys appeared first on Help Net Security.

A North Korea-linked hacking group known as Void Dokkaebi, also tracked as Famous Chollima, is running a campaign that tricks software developers into installing malware through fake job interviews. The group lures developers into cloning infected code repositories as part of a fabricated coding test, then turns their machines and projects into malware-spreading tools. The […]

The post Void Dokkaebi Hackers Use Fake Job Interviews to Spread Malware via Code Repositories appeared first on Cyber Security News.

The open web is slowly but surely filling up with “traps” designed for LLM-powered AI agents. The technique, known as indirect prompt injection (IPI), involves hiding (more or less) covert instructions inside ordinary web pages, waiting for an AI agent to read them and carry out the author’s commands. The IPI attack kill chain (Source: Forcepoint) “Ignore previous instructions” In back-to-back reports published this week, Google and Forcepoint researchers laid out real-world evidence of these … More →

The post Indirect prompt injection is taking hold in the wild appeared first on Help Net Security.

You must login to view this content

You must login to view this content