Thursday , April 24 2025

infosecbulletin

US scientists claim to replicate DeepSeek for $30 dubbed “TinyZero,”

$30

Researchers at the University of California, Berkeley, claims they’ve managed to reproduce the core technology behind DeepSeek’s at a total cost of roughly $30. The news raises questions about whether developing advanced AI requires huge budgets or if cheaper alternatives have been ignored by major tech companies. DeepSeek recently launched …

Read More »

ChatGPT, DeepSeek, Qwen 2.5-VL Vulnerable to AI Jailbreaks

Qwen

This week, multiple research teams showcased jailbreaks for popular AI models, including OpenAI’s ChatGPT, DeepSeek, and Alibaba’s Qwen. After its launch, the open-source R1 model by Chinese company DeepSeek caught the attention of the cybersecurity industry. Experts found that jailbreak methods, previously patched in other AI models, still function against …

Read More »

Paragon Attack WhatsApp With New Zero-Click Spyware

paragon

WhatsApp reveiled on Friday that a “zero-click” spyware attack, linked to the Israeli company Paragon, has targeted many users globally, including journalists and civil society members. The spyware targeted almost 100 WhatsApp users, including journalists, and operated without user interaction, links, or attachments, making it particularly dangerous. Reuters reported that …

Read More »

Vulnarabilitties found in Cisco webex and VMware Aria operation

Cisco webex

A serious cybersecurity flaw in Cisco Webex Chat has been discovered, allowing unauthorized attackers to access the chat histories of organizations using the platform. Identified in July 2024, the flaw exposed sensitive communications from potentially thousands of organizations, including IT help desks and customer service operations. Proof-of-Concept and Real-World Impact: …

Read More »

Microsoft to boost M365 bounty program rewards Up to $27,000

365 Bounty

Microsoft has announced a major expansion of its Microsoft 365 Bounty Program. The program now covers new Viva products for identifying vulnerabilities, offering rewards up to $27,000 for critical submissions. This update highlights Microsoft’s commitment to improving software security and promoting global collaboration in finding vulnerabilities. The expanded scope introduces …

Read More »

DeepSeek reveils over 1 million chat records; Italy Bans DeepSeek

DeepSeek

Chinese AI startup DeepSeek has exposed two databases with sensitive user and operational information from its DeepSeek-R1 LLM model. Unsecured ClickHouse instances are believed to have exposed over a million log entries that include user chat histories in plaintext, along with API keys, backend information, and operational metadata. Wiz Research …

Read More »

Hackers leverage Google’s subdomains, phone number to attack victims

number

Scammers called a victim using Google’s official support number and sent an email from an official subdomain. It’s unclear how they managed to use Google’s services. Software engineer Zach Latta, founder of Hack Club, reported a unique attack on GitHub. Chloe called Latta from 650-203-0000, identified as “Google.” According to …

Read More »