Collecting Cyber-News from over 60 sources

Tag: nvidia

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Nov 14, 2025 4:49 PM

Tags: ai, cybersecurity, framework, intelligence, microsoft, nvidia, open-source, remote-code-execution, vulnerability

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial intelligence (AI) inference engines, including those from Meta, Nvidia, Microsoft, and open-source PyTorch projects such as vLLM and SGLang.”These vulnerabilities all traced back to the same root cause: the overlooked unsafe use of ZeroMQ (ZMQ) and Python’s pickle deserialization,” First seen on thehackernews.com…
NVIDIA NeMo Flaw Enables Code Injection and Privilege Escalation Attacks

Nov 14, 2025 2:50 PM

Tags: attack, control, cve, cvss, cyber, flaw, framework, injection, nvidia, update, vulnerability

NVIDIA has released critical security patches addressing two high-severity vulnerabilities in its NeMo Framework that could allow attackers to execute arbitrary code and escalate privileges on affected systems. The vulnerabilities affect all versions of the framework before 2.5.0, and users should update to 2.5.0 immediately. CVE ID Description CVSS Score Severity CVE-2025-23361 Improper control of…
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

Nov 14, 2025 1:49 PM

Tags: ai, authentication, cloud, data, data-breach, exploit, framework, google, infrastructure, Internet, linkedin, LLM, microsoft, nvidia, oracle, risk, vulnerability

Why this matters for AI infrastructure: The vulnerable inference servers form the backbone of many enterprise-grade AI stacks, processing sensitive prompts, model weights, and customer data. Oligo reported identifying thousands of exposed ZeroMQ sockets on the public internet, some tied to these inference clusters.If exploited, an attacker could execute arbitrary code on GPU clusters, escalate…
Copy-paste vulnerability hits AI inference frameworks at Meta, Nvidia, and Microsoft

Nov 14, 2025 1:49 PM

Tags: ai, authentication, cloud, data, data-breach, exploit, framework, google, infrastructure, Internet, linkedin, LLM, microsoft, nvidia, oracle, risk, vulnerability

Why this matters for AI infrastructure: The vulnerable inference servers form the backbone of many enterprise-grade AI stacks, processing sensitive prompts, model weights, and customer data. Oligo reported identifying thousands of exposed ZeroMQ sockets on the public internet, some tied to these inference clusters.If exploited, an attacker could execute arbitrary code on GPU clusters, escalate…
Google’s Ironwood TPUs represent a bigger threat than Nvidia would have you believe

Nov 8, 2025 9:19 AM

Tags: google, nvidia, threat

Chocolate Factory’s homegrown silicon boasts Blackwell-level perf at massive scale First seen on theregister.com Jump to article: www.theregister.com/2025/11/06/googles_ironwood_tpus_ai/
Microsoft Backs Massive AI Push in UAE, Raising Security Concerns

Nov 7, 2025 10:19 PM

Tags: ai, microsoft, nvidia

In partnership with Emirates tech company G42, Microsoft is building the first stage of a 5-gigawatt US-UAE AI campus using Nvidia GPUs. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/microsoft-massive-ai-push-uae-security-concerns
Ollama, Nvidia Flaws Put AI Infrastructure at Risk

Nov 7, 2025 3:19 PM

Tags: ai, flaw, infrastructure, nvidia, risk, vulnerability

Security researchers discovered multiple vulnerabilities in AI infrastructure products, including one capable of remote code execution. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/ollama-nvidia-flaws-ai-infrastructure-risk
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
2026 nichts für schwache CI(S)O-Nerven

Nov 7, 2025 2:20 PM

Tags: ai, business, ceo, cio, ciso, jobs, microsoft, nist, nvidia, resilience, strategy, tool

Aus Sicht von Forrester bleibt die Lage für IT-(Sicherheits-)Entscheider auch 2026 angespannt.Keine Entwarnung für IT-(Sicherheits-)Entscheider: Die Analysten von Forrester gehen in den Predictions 2026 davon aus, dass die Volatilität 2026 weiter anhält. CIOs und CISOs seien entsprechend gefordert, mit Präzision, Resilienz und strategischer Weitsicht zu führen.Das gilt den Auguren zufolge insbesondere für Künstliche Intelligenz (KI),…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
9 top bug bounty programs launched in 2025

Nov 7, 2025 2:20 PM

Tags: ai, api, apple, attack, best-practice, browser, bug-bounty, chatgpt, chrome, cloud, computer, corporate, cyber, cybersecurity, data, defense, exploit, finance, flaw, framework, google, government, hacker, hacking, healthcare, identity, infrastructure, injection, intelligence, iphone, macOS, microsoft, mitigation, mobile, nis-2, nvidia, openai, phishing, risk, service, spyware, strategy, technology, theft, threat, unauthorized, update, vulnerability, zero-day

Bug bounty programs focus in 2025: For ethical hackers, best practice for bug bounty hunting in 2025 involves thorough reconnaissance of a target organization’s technology stack, rather than just running automated tools.Leading bug bounty platforms such as Bugcrowd, HackerOne, Synack, YesWeHack, and Intigriti offer rewards for identifying and reporting security vulnerabilities. Platforms connect ethical hackers…
2026 nichts für schwache CI(S)O-Nerven

Nov 7, 2025 2:20 PM

Tags: ai, business, ceo, cio, ciso, jobs, microsoft, nist, nvidia, resilience, strategy, tool

Aus Sicht von Forrester bleibt die Lage für IT-(Sicherheits-)Entscheider auch 2026 angespannt.Keine Entwarnung für IT-(Sicherheits-)Entscheider: Die Analysten von Forrester gehen in den Predictions 2026 davon aus, dass die Volatilität 2026 weiter anhält. CIOs und CISOs seien entsprechend gefordert, mit Präzision, Resilienz und strategischer Weitsicht zu führen.Das gilt den Auguren zufolge insbesondere für Künstliche Intelligenz (KI),…
AWS, Nvidia, Crowdstrike seek security startups to enter the arena

Nov 3, 2025 10:20 PM

Tags: crowdstrike, nvidia, startup

Last year’s winner scored a $65M funding round on a $300M valuation First seen on theregister.com Jump to article: www.theregister.com/2025/11/03/cybersecurity_startup_accelerator/
OpenAI Signs $38B Deal With Amazon for Compute

Nov 3, 2025 9:20 PM

Tags: ai, nvidia, openai

AWS to Build Server Clusters, Nvidia to Supply Chips for 7 Years. Loss-making OpenAI added to a string deals with a $38 billion commitment on Monday to using compute resources provided by Amazon Web Services. The AI giant said AWS will build out server clusters using Nvidia flagship Blackwell chips for the next seven years.…
Check Point und NVIDIA arbeiten gemeinsam an einer integrierten Sicherheitslösung für KI-Fabriken

Oct 30, 2025 4:19 PM

Tags: ai, nvidia, software

Der Cybersicherheitsanbieter Check Point Software Technologies Ltd. (NASDAQ: CHKP) stellt gemeinsam mit NVIDIA eine neue Sicherheitslösung für sogenannte ‘KI-Fabriken” vor also Umgebungen, in denen Unternehmen KI-Modelle entwickeln, trainieren und betreiben. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/check-point-und-nvidia-arbeiten-gemeinsam-an-einer-integrierten-sicherheitsloesung-fuer-ki-fabriken/a42551/
Check Point and NVIDIA Join Forces to Lock Down Enterprise AI Workloads

Oct 29, 2025 4:26 PM

Tags: ai, cloud, data, infrastructure, nvidia

Check Point has unveiled its new solution, AI Cloud Protect, built in partnership with the NVIDIA Corporation. The offering is designed to deliver end-to-end protection for enterprise AI infrastructure, from model development through to inference, leveraging NVIDIA’s BlueField data processing units and DOCA security framework. Security gaps are emerging, as organisations accelerate AI adoption. According…
New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel

Oct 29, 2025 3:26 PM

Tags: attack, defense, nvidia

On-chip TEEs withstand rooted OSes but fall instantly to cheap physical attacks. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/new-physical-attacks-are-quickly-diluting-secure-enclave-defenses-from-nvidia-amd-and-intel/
New physical attacks are quickly diluting secure enclave defenses from Nvidia, AMD, and Intel

Oct 29, 2025 3:26 PM

Tags: attack, defense, nvidia

On-chip TEEs withstand rooted OSes but fall instantly to cheap physical attacks. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/10/new-physical-attacks-are-quickly-diluting-secure-enclave-defenses-from-nvidia-amd-and-intel/
Integrierte Sicherheitslösung für KI-Fabriken

Oct 29, 2025 1:26 PM

Tags: ai, cloud, nvidia, software

Check Point Software Technologies arbeitet mit Nvidia zusammen, um eine integrierte Sicherheitslösung für KI-Fabriken anzubieten. AI-Cloud-Protect ist ab sofort für lokale Unternehmensbereitstellungen verfügbar und sichert die Entwicklung von KI-Modellen, Agenten-basierten KI-Anwendungen und Inference-Workloads, ohne die Leistung zu beeinträchtigen. Die Lösung wurde auf Nvidia-RTX-PRO-Servern validiert und ermöglicht Unternehmen die sichere Bereitstellung von KI vom Rechenzentrum […]…
Integrierte Sicherheitslösung für KI-Fabriken

Oct 29, 2025 1:26 PM

Tags: ai, cloud, nvidia, software

Check Point Software Technologies arbeitet mit Nvidia zusammen, um eine integrierte Sicherheitslösung für KI-Fabriken anzubieten. AI-Cloud-Protect ist ab sofort für lokale Unternehmensbereitstellungen verfügbar und sichert die Entwicklung von KI-Modellen, Agenten-basierten KI-Anwendungen und Inference-Workloads, ohne die Leistung zu beeinträchtigen. Die Lösung wurde auf Nvidia-RTX-PRO-Servern validiert und ermöglicht Unternehmen die sichere Bereitstellung von KI vom Rechenzentrum […]…
Integrierte Sicherheitslösung für KI-Fabriken

Oct 29, 2025 1:26 PM

Tags: ai, cloud, nvidia, software

Check Point Software Technologies arbeitet mit Nvidia zusammen, um eine integrierte Sicherheitslösung für KI-Fabriken anzubieten. AI-Cloud-Protect ist ab sofort für lokale Unternehmensbereitstellungen verfügbar und sichert die Entwicklung von KI-Modellen, Agenten-basierten KI-Anwendungen und Inference-Workloads, ohne die Leistung zu beeinträchtigen. Die Lösung wurde auf Nvidia-RTX-PRO-Servern validiert und ermöglicht Unternehmen die sichere Bereitstellung von KI vom Rechenzentrum […]…
Notable post-quantum cryptography initiatives paving the way toward Q-Day

Oct 29, 2025 8:26 AM

Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerability

Industry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…
Notable post-quantum cryptography initiatives paving the way toward Q-Day

Oct 29, 2025 8:26 AM

Tags: attack, awareness, cisa, cisco, communications, computer, computing, crypto, cryptography, cyber, cybersecurity, data, encryption, finance, framework, google, government, group, guide, ibm, infrastructure, intelligence, Internet, iot, linux, microsoft, mitre, ml, nist, nvidia, open-source, service, side-channel, software, supply-chain, technology, theft, threat, tool, vulnerability

Industry heavyweights line up behind PQC: Google”¯Chrome became the first mainstream browser to support hybrid post”‘quantum key exchanges by default late last year.The approach combines classical elliptic-curve encryption, for backwards compatibility, with lattice-based PQC derived from ML-KEM.Other industry giants, including Amazon and IBM, have also begun laying foundations for quantum-safe cryptography. For example, IBM has…
Check Point Allies with NVIDIA to Secure AI Platforms

Oct 28, 2025 9:26 PM

Tags: ai, cloud, conference, cybersecurity, data, intelligence, nvidia, software

Check Point Software Technologies Ltd. today revealed it has developed a cybersecurity platform to secure artificial intelligence (AI) factories in collaboration with NVIDIA. Announced at the NVIDIA GTC conference, the AI Cloud Protect platform enables cybersecurity teams to leverage dynamic objects to enforce policies in real time using NVIDIA BlueField-3 data processing units (DPUs) to..…
TEE.Fail attack breaks confidential computing on Intel, AMD, NVIDIA CPUs

Oct 28, 2025 6:27 PM

Tags: attack, computing, nvidia, side-channel

Academic researchers developed a side-channel attack called TEE.Fail, which allows extracting secrets from the trusted execution environment in the CPU, the highly secure area of a system, such as Intel’s SGX and TDX, and AMD’s SEV-SNP. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/teefail-attack-breaks-confidential-computing-on-intel-amd-nvidia-cpus/
Senate says Nvidia chips are for America first as China tightens import controls

Oct 12, 2025 12:23 AM

Tags: china, control, nvidia, usa

Xi to the left of me, Trump is to the right; Huang I am, stuck in the middle with GPUs First seen on theregister.com Jump to article: www.theregister.com/2025/10/10/nvidia_chips_us_china/
Unter Windows 10 und 11 – Lokale Rechteausweitung in der Nvidia App

Oct 9, 2025 7:25 AM

Tags: nvidia, windows

First seen on security-insider.de Jump to article: www.security-insider.de/nvidia-app-schwachstelle-windows-angriffe-a-1d55f1e63944b131ca8191941cf91945/