Tag: nvidia
-
NVIDIA NeMo Security Flaw Exposes Systems to Command Injection Attacks
NVIDIA has disclosed multiple high-severity vulnerabilities in its NeMo Framework, including a critical command injection flaw that could allow attackers to execute arbitrary code on affected systems. These issues, outlined in the June 2026 security bulletin, impact NeMo versions up to 2.7.2 across all platforms. Exploitation could lead to privilege escalation, data tampering, and the…
-
NVIDIA goes open source with a big batch of physical AI agent tools
NVIDIA just dropped a big batch of open-source "physical AI" skills and tools, and they're designed to make a roboticist's life a whole lot easier. The … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/nvidia-open-source-physical-ai-skills/
-
8 Vulnerabilities in Total – Authentication Bypass in Nvidia's Triton Inference Server
First seen on security-insider.de Jump to article: www.security-insider.de/nvidia-triton-inference-server-kritische-sicherheitsluecke-update-r26-03-a-52a093ac34ffb0de811c1c67034cc3fe/
-
Nvidia releases driver updates to fix 14 critical vulnerabilities
First seen on scworld.com Jump to article: www.scworld.com/brief/nvidia-releases-driver-updates-to-fix-14-critical-vulnerabilities
-
Foxconn Hit by Cyberattack, Manufacturing Industry in Turmoil
Foxconn, the Taiwanese contract electronics manufacturer, recently confirmed that it fell victim to a cyberattack at its North American site. A successful cyberattack could have a global impact on the entire manufacturing industry, since the company, a partner of Apple and Nvidia, is one of the largest manufacturers of electronic products. A commentary by Ismael Valenzuela, Vice…
-
Banned Nvidia AI Chips Keep Reaching China Despite US Crackdown
US export-control cases show how Nvidia chips and other restricted tech are allegedly diverted to China and Russia through shell firms and intermediaries. The post Banned Nvidia AI Chips Keep Reaching China Despite US Crackdown appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-nvidia-ai-chip-smuggling-export-controls-apac/
-
Microsoft Edge, Windows 11, and LiteLLM Fall to Exploits at Pwn2Own Berlin 2026
The world’s top ethical hackers wasted no time breaking into modern software and AI systems on the opening day of Pwn2Own Berlin 2026, exposing critical zero-day vulnerabilities in Microsoft Edge, Windows 11, LiteLLM, and NVIDIA platforms. On May 14, researchers demonstrated 24 unique zero-day exploits, earning a total of $523,000 in rewards, according to Trend…
-
Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall
Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22 entries targeting widely used technologies, including browsers, operating systems, AI platforms, and NVIDIA infrastructure. By the end of the day, researchers demonstrated 24 unique zero-day vulnerabilities…
-
Go-Ahead for AI Chip Sales to 10 Chinese Firms Raise Alarms
Reports: Trump Administration Approval of Nvidia H200 Sales Poses Frontier AI Risks. Trump administration discussions on AI governance with China are colliding with reports that Washington may permit expanded Nvidia H200 chip sales to Chinese firms, fueling concerns that U.S. technology access could accelerate Beijing’s frontier AI and military-linked ambitions. First seen on govinfosecurity.com Jump…
-
Breach Roundup: US Lawmakers Sound Alarm on AI Bug Hunters
Also, YellowKey Bypasses BitLocker, Škoda Breach, Kingdom Market Operator Jailed. This week, U.S. lawmakers urged action on AI, a BitLocker exploit. Škoda, Nvidia’s GeForce NOW partner and telehealth firm OpenLoop reported breaches. Patch Tuesday. A dark market operator sentenced and pro-Ukraine and Iranian-linked hacking. Nitrogen ransomware attack on Foxconn. First seen on govinfosecurity.com Jump to…
-
Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days
Pwn2Own Berlin 2026 reportedly reached full capacity for the first time, prompting rejected researchers to publicly disclose zero-day exploits targeting Firefox, NVIDIA, and AI platforms. First seen on hackread.com Jump to article: hackread.com/pwn2own-berlin-2026-hits-capacity-hackers-0-days/
-
CatoFrameworks – Vulnerabilities in Nvidia NeMo and Meta PyTorch
First seen on security-insider.de Jump to article: www.security-insider.de/schwachstellen-ki-frameworks-nvidia-nemo-meta-pytorch-a-b22f685a0139a7d6c6463175b8ca4d7b/
-
Inference is giving AI chip startups a second chance to make their mark
In a disaggregated AI world, Nvidia can be both a friend and an enemy First seen on theregister.com Jump to article: www.theregister.com/2026/05/03/inference_is_giving_ai_chip/
-
AI Security Vulnerabilities at NVIDIA and Meta Put Companies at Risk
New vulnerabilities in AI frameworks from NVIDIA and Meta show how quickly modern AI infrastructures can become a gateway for cyberattacks. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ki-sicherheitslucken-nvidia-und-meta
-
RCE by design: MCP architectural choice haunts AI agent ecosystem
sh, bash, powershell, curl, rm, and other high-risk binaries, they added. The core issue is that there’s currently no check in place to verify that a STDIO command is intended to initialize an MCP server rather than perform a malicious task. Furthermore, the researchers observed that even if the sent command fails to start the server,…
-
AI Security Risks: How Enterprises Manage LLM, Shadow AI and Agentic Threats FireTail Blog
Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, conference, control, cybersecurity, data, data-breach, detection, email, endpoint, exploit, finance, framework, gartner, GDPR, governance, guide, infrastructure, injection, LLM, malicious, microsoft, monitoring, network, nvidia, office, regulation, risk, saas, software, threat, tool, training, vulnerability
Apr 08, 2026 – Quick Facts: Enterprise AI Security. Most enterprises are running AI at scale before their security teams have visibility into it. Shadow AI (unsanctioned AI tools spreading department by department) is now the most common entry point for data leakage. Agentic AI introduces a new category of risk: autonomous systems that…
-
What we learned about TEE security from auditing WhatsApp’s Private Inference
WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts to combine end-to-end encryption with AI-powered capabilities, such as message summarization. To make this possible, Meta built a system that processes encrypted user messages inside trusted execution environments (TEEs), secure hardware enclaves designed so that not even Meta can access the plaintext. Our…
-
How Nvidia learned to embrace the light in its quest for scale
Tags: nvidia
The GPU king’s move to optical scale-up was inevitable First seen on theregister.com Jump to article: www.theregister.com/2026/04/05/nvidia_optical_scale_up/
-
Cryptohack Roundup: Charges in Uranium Finance Case
Also: Chinese Firms Indicted in Crypto-Linked Fentanyl Supply Case. This week, charges filed in Uranium Finance hack, indictment of Chinese firms in fentanyl supply case, a class action lawsuit against Nvidia, Drift Protocol exploit, KuCoin operational barriers in the United States and a U.K. sanction filed against Xinbi. First seen on govinfosecurity.com Jump to article:…
-
New Rowhammer attacks give complete control of machines running Nvidia GPUs
Both GDDRHammer and GeForge hammer GPU memory in ways that compromise the CPU. First seen on arstechnica.com Jump to article: arstechnica.com/security/2026/04/new-rowhammer-attacks-give-complete-control-of-machines-running-nvidia-gpus/
-
Iran Calls U.S. Tech Companies ‘Legitimate Targets,’ Threatens to Attack
The Iranian government is threatening to attack the Middle East operations of more than a dozen U.S. tech companies, including Microsoft, Nvidia, and Google, calling them “legitimate targets.” Meanwhile, pro-Iranian threat groups expand their operations as the U.S. and Israel continue their bombing campaign against Iran. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/iran-calls-u-s-tech-companies-legitimate-targets-threatens-to-attack/
-
How we made Trail of Bits AI-native (so far)
Tags: access, ai, application-security, attack, automation, blockchain, business, ceo, chatgpt, computer, computing, conference, control, data, email, germany, government, identity, injection, jobs, macOS, marketplace, nvidia, open-source, risk, service, skills, strategy, supply-chain, technology, threat, tool, vulnerability
This post is adapted from a talk I gave at [un]prompted, the AI security practitioner conference. Thanks to Gadi Evron for inviting me to speak. You can watch the recorded presentation below or download the slides. Most companies hand out ChatGPT licenses and wait for the productivity numbers to move. We built a system instead.…
-
When AI Agents Take on Responsibility: How JFrog and NVIDIA Rethink Security
Strategic interplay: while NVIDIA supplies the high-performance infrastructure and runtime environment, JFrog provides governance, security and traceability. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/wenn-ki-agenten-verantwortung-uebernehmen-wie-jfrog-und-nvidia-sicherheit-neu-denken/a44390/
-
Critical NVIDIA Vulnerabilities Risk Remote Code Execution and Denial-of-Service Attacks
Tags: attack, cyber, Hardware, nvidia, remote-code-execution, risk, service, software, technology, threat, vulnerability
NVIDIA has recently published its March 2026 security bulletins, addressing a wave of newly discovered vulnerabilities across its hardware and software ecosystems. The technology giant has urged organizations to immediately evaluate their environments and apply the necessary corrective actions to prevent potential exploitation. These vulnerabilities pose significant risks, notably enabling threat actors to potentially execute…
-
AI Factory Security Blueprint for Protecting AI Infrastructure
The "AI Factory Security Architecture Blueprint" is a comprehensive reference architecture, tested by the vendor Check Point, for securing AI infrastructures, ranging from the hardware layer to the application layer. Using Check Point's industry-leading firewall and AI security technologies and building on the data-processing capabilities of Nvidia Bluefield, the blueprint offers "security by design" across all layers of the AI factory and…
-
AI-Native Security Is a Must to Counter AI-Based Attacks
Attacks by artificial intelligence agents are a reality. Experts at Nvidia’s GTC conference say defenders need to use the same tools to fight them off. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/ai-native-security-counter-attacks
-
NVIDIA puts GPU orchestration in community hands
GPU-accelerated AI workloads now run on Kubernetes in the large majority of enterprise environments. Managing those workloads at scale has required specialized tooling that, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/03/24/nvidia-kubernetes-gpu-driver-community/
-
Supermicro co-founder arrested, charged over $2.5B Nvidia GPU sales to China
Indictment claims dummy servers and bogus docs used to slip past US export controls First seen on theregister.com Jump to article: www.theregister.com/2026/03/20/supermicro_nvidia_gpu_charges/

