Microsoft’s Threat Intelligence team has leveraged its AI-driven Security Copilot tool to identify 20 critical vulnerabilities in widely used open-source bootloaders — GRUB2, U-Boot, and Barebox. These bootloaders are crucial for initializing operating systems, particularly in Linux-based environments and embedded systems. The newly discovered flaws affect systems utilizing Unified Extensible Firmware Interface (UEFI) Secure Boot,…
Category: Generative AI, Security, Vulnerabilities
Exploits, Generative AI, Security, Vulnerabilities, Global Security News
A pickle in Meta’s LLM code could allow RCE attacks
Meta’s large language model (LLM) framework, Llama, suffers a typical open-source coding oversight, potentially allowing arbitrary code execution on servers leading to resource theft, data breaches, and AI model takeover. The flaw, tracked as CVE-2024-50050, is a critical deserialization bug belonging to a class of vulnerabilities arising from the improper use of the open-source library…