
This Week in Cybersecurity: Looking Back at Week 5

January 31, 2025

This Week's Headlines


DeepSeek AI Database Exposed: Over 1 Million Log Lines, Secret Keys Leaked

Chinese AI startup DeepSeek inadvertently left a ClickHouse database exposed on the internet, allowing unauthorized access to sensitive information. The unsecured database contained over a million log lines, including chat histories, secret keys, backend details, API secrets, and operational metadata.

This exposure granted full control over database operations without authentication, enabling potential privilege escalation within DeepSeek’s environment. The company has since secured the database following notification from security researchers.


New SLAP and FLOP Attacks Expose Speculative Execution Vulnerabilities in Apple M-Series Chips

Security researchers from the Georgia Institute of Technology and Ruhr University Bochum have identified two side-channel attacks, named SLAP (Speculative Load Address Prediction) and FLOP (False Load Output Prediction), targeting Apple’s M-series processors. These attacks exploit flaws in the chips’ speculative execution mechanisms, potentially allowing attackers to access sensitive information such as emails, browsing history, and credit card details from web browsers like Safari and Google Chrome.

SLAP affects M2, A15, and newer chips by mispredicting memory addresses, leading to unauthorized data access. FLOP impacts M3, M4, and A17 chips by bypassing critical memory safety checks, enabling attackers to read arbitrary memory locations. Apple was informed of these vulnerabilities in 2024, but it remains unclear if patches have been implemented.


Law Enforcement Dismantles Two Major Cybercrime Forums

In a significant international operation, law enforcement agencies have successfully taken down two of the world’s largest cybercrime forums. The coordinated effort led to the arrest of two suspects, the search of seven properties, and the seizure of 17 servers along with over 50 other pieces of evidence.

These forums were notorious hubs for cybercriminals, facilitating the trade of stolen data, hacking tools, and other illicit goods and services. The dismantling of these platforms marks a substantial blow to the cybercriminal underworld, disrupting key infrastructures that have enabled widespread illegal activities.


British Museum Restores Operations After Alleged IT Attack by Former Contractor

The British Museum has resumed normal operations following an alleged IT attack by a recently dismissed contractor.

The individual reportedly trespassed into the museum and disabled several IT systems, including the ticketing platform, leading to the temporary closure of exhibitions and limited access for visitors.

The Metropolitan Police arrested a man in his 50s on suspicion of burglary and criminal damage; he has since been released on bail pending further inquiries. The museum has now restored its IT infrastructure and reopened all exhibitions to the public.


OAuth Redirect Vulnerability in Airline Travel Integration Exposes Millions to Account Hijacking

A critical security flaw in a widely used online travel service for hotel and car rentals has been identified and patched.

The vulnerability allowed attackers to gain unauthorized access to user accounts by exploiting an OAuth redirect mechanism. By sending specially crafted links, attackers could impersonate users, enabling them to book hotels and car rentals using the victims’ airline loyalty points, as well as cancel or modify booking information.

The service, integrated into numerous commercial airline websites, has since addressed the issue.
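The flaw above is described only as an abuse of an OAuth redirect mechanism, so the following is an added illustration from the defender's side, not code from the affected service or from the original post. It contrasts a loose redirect_uri check (substring match on the registered host) with an exact-match allowlist of the kind the OAuth 2.0 specification calls for, and shows the authorization endpoint refusing to redirect when the value is not registered. All host names are constructed placeholders.

```python
from urllib.parse import urlencode, urlsplit

# Constructed allowlist for a hypothetical airline booking integration.
# Each registered redirect URI is stored in full (scheme, host, path) and
# must match the incoming value exactly; "example-airline.test" is a placeholder.
REGISTERED_REDIRECT_URIS = {
    "https://booking.example-airline.test/oauth/callback",
}


def redirect_uri_allowed_weak(candidate: str) -> bool:
    """Substring check on the host name: the kind of logic that lets a crafted
    link send the authorization code to a look-alike host."""
    return any(urlsplit(registered).hostname in candidate
               for registered in REGISTERED_REDIRECT_URIS)


def redirect_uri_allowed_strict(candidate: str) -> bool:
    """Exact match against the registered URIs after light normalisation."""
    try:
        parts = urlsplit(candidate)
    except ValueError:
        return False
    # Only https, no embedded credentials, no query or fragment: the code and
    # state parameters are appended by the server, never supplied by the caller.
    if parts.scheme != "https" or parts.username or parts.password:
        return False
    if parts.query or parts.fragment or not parts.hostname:
        return False
    normalised = f"https://{parts.netloc.lower()}{parts.path}"
    return normalised in REGISTERED_REDIRECT_URIS


def build_authorization_redirect(redirect_uri: str, code: str, state: str,
                                 check=redirect_uri_allowed_strict):
    """Authorization endpoint step: return the Location target for the
    redirect, or None when the redirect_uri is not registered."""
    if not check(redirect_uri):
        return None
    return f"{redirect_uri}?{urlencode({'code': code, 'state': state})}"


if __name__ == "__main__":
    lookalike = "https://booking.example-airline.test.attacker.invalid/oauth/callback"
    print("weak check accepts look-alike host:", redirect_uri_allowed_weak(lookalike))
    print("strict check accepts look-alike host:", redirect_uri_allowed_strict(lookalike))
    print(build_authorization_redirect(
        "https://booking.example-airline.test/oauth/callback", "c1", "s1"))
```

The strict check deliberately rejects a query string and a fragment in the candidate: registering the full URI and refusing any extra components removes the "open redirector behind a trusted host" pattern as well as the look-alike host case.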


GitHub Desktop Vulnerability Exposes User Credentials via Malicious URLs

Security researchers have identified multiple vulnerabilities in GitHub Desktop and related Git tools that could allow attackers to access users’ Git credentials through specially crafted URLs.

One such vulnerability, CVE-2025-23040, involves improper handling of carriage return characters in URLs, enabling credential leaks to attacker-controlled hosts. Other affected tools include Git Credential Manager, Git LFS, and GitHub CLI, each susceptible to similar exploits leading to unauthorized credential exposure.

Users are advised to update to the latest versions of these tools to mitigate potential risks.
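Git hands credentials to helpers through a line-oriented "key=value" request, which is why a carriage return inside a URL component matters: a helper that accepts either line ending can read the smuggled text as a separate line. The block below is an added example written for this roundup, not code from GitHub Desktop, Git Credential Manager or any of the tools named above. It builds that request from a URL and refuses any component containing a control character, raw or percent-encoded, and includes a helper-side parser that rejects carriage returns outright. The URLs used in the checks are constructed; "attacker.invalid" is a placeholder.

```python
from urllib.parse import unquote, urlsplit

# ASCII control characters (0x00-0x1F) plus DEL; none belong in a URL component.
CONTROL_CHARS = {chr(c) for c in range(0x20)} | {"\x7f"}


class UnsafeURL(ValueError):
    """Raised when a URL cannot be safely serialised into a credential request."""


def has_control_chars(value: str) -> bool:
    return any(ch in CONTROL_CHARS for ch in value)


def credential_request(url: str) -> str:
    """Build the 'key=value\\n ... \\n' request a credential helper would read."""
    # Check the raw string before parsing: urlsplit() silently strips \t, \r
    # and \n, so a check done only after parsing would never see them.
    if has_control_chars(url):
        raise UnsafeURL("control character in URL")
    parts = urlsplit(url)
    if parts.scheme not in ("http", "https") or not parts.hostname:
        raise UnsafeURL("unsupported scheme or missing host")
    try:
        port = parts.port
    except ValueError as exc:
        raise UnsafeURL("invalid port") from exc
    host = parts.hostname + (f":{port}" if port else "")
    fields = [("protocol", parts.scheme), ("host", host)]
    if parts.username:
        fields.append(("username", parts.username))
    if parts.path and parts.path != "/":
        fields.append(("path", parts.path.lstrip("/")))
    for key, value in fields:
        # Percent-encoded control characters (%0D, %0A) must not survive either.
        if has_control_chars(unquote(value)):
            raise UnsafeURL(f"control character in {key}")
    return "".join(f"{k}={v}\n" for k, v in fields) + "\n"


def parse_request(text: str) -> dict:
    """Helper-side parser for the same format. It refuses '\\r' so that a
    carriage return can never act as an alternative line terminator."""
    if "\r" in text:
        raise UnsafeURL("carriage return in credential request")
    result = {}
    for line in text.split("\n"):
        if not line:          # blank line ends the request
            break
        key, sep, value = line.partition("=")
        if not sep:
            raise UnsafeURL("malformed line")
        result[key] = value
    return result


def is_rejected(url: str) -> bool:
    """True when credential_request() refuses the URL."""
    try:
        credential_request(url)
    except UnsafeURL:
        return True
    return False


if __name__ == "__main__":
    print(credential_request("https://github.com/org/repo"), end="")
    for bad in ("https://github.com\rhost=attacker.invalid/org/repo",
                "https://github.com%0Dhost=attacker.invalid/org/repo"):
        print(repr(bad), "rejected:", is_rejected(bad))
```

The order of the two checks is the point: validating the raw URL before it is parsed, and again after percent-decoding each field, closes both the literal and the encoded form of the same defect.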


Meta’s Llama Framework Vulnerability Allows Remote Code Execution

A high-severity security flaw, identified as CVE-2024-50050, has been discovered in Meta’s Llama large language model (LLM) framework. This vulnerability stems from the deserialization of untrusted data within the Llama Stack component, enabling attackers to execute arbitrary code on the inference server by sending malicious data.

The issue arises from the use of Python’s ‘pickle’ module for object serialization, which can lead to remote code execution when handling untrusted inputs. Meta addressed this vulnerability in version 0.0.41 by replacing ‘pickle’ with JSON for socket communication.

Users are strongly advised to update to the latest version to mitigate potential risks.
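To make the pickle-versus-JSON point concrete, here is an added example, written for this post rather than taken from Llama Stack or Meta, of a socket message codec before and after the kind of change described above. The unsafe path shows, with a deliberately harmless marker object, that unpickling executes whatever callable the byte stream names; the safe path parses JSON and then validates the message against an explicit schema so that only data, never code, crosses the socket. The request fields and size limit are constructed assumptions.

```python
import json
import pickle

MAX_MESSAGE_BYTES = 64 * 1024

# Constructed shape of one inference request: field name -> required type.
REQUEST_SCHEMA = {"model": str, "prompt": str, "max_tokens": int}

SIDE_EFFECTS = []          # records what unpickling executed


class BadMessage(ValueError):
    """Raised by decode_safe() for anything that is not a well-formed request."""


def record(note: str) -> str:
    SIDE_EFFECTS.append(note)
    return note


class Marker:
    """Harmless stand-in for a hostile pickle: unpickling it calls record()."""
    def __reduce__(self):
        return (record, ("unpickling executed a callable",))


def decode_unsafe(payload: bytes):
    """The pattern the fix removed: pickle.loads() on bytes from the socket.
    The sender, not the server, decides which callables run during loading."""
    return pickle.loads(payload)


def unpickling_runs_code() -> bool:
    """Demonstrates decode_unsafe() executing sender-chosen code."""
    SIDE_EFFECTS.clear()
    decode_unsafe(pickle.dumps(Marker()))
    return SIDE_EFFECTS == ["unpickling executed a callable"]


def demo_hostile_payload() -> bytes:
    return pickle.dumps(Marker())


def decode_safe(payload: bytes) -> dict:
    """JSON plus schema validation: a parsed message can only be data."""
    if len(payload) > MAX_MESSAGE_BYTES:
        raise BadMessage("message too large")
    try:
        obj = json.loads(payload.decode("utf-8"))
    except (UnicodeDecodeError, json.JSONDecodeError) as exc:
        raise BadMessage("not valid JSON") from exc
    if not isinstance(obj, dict) or set(obj) != set(REQUEST_SCHEMA):
        raise BadMessage("unexpected or missing fields")
    for key, typ in REQUEST_SCHEMA.items():
        if type(obj[key]) is not typ:      # 'is not' so that bool is not accepted as int
            raise BadMessage(f"bad type for {key}")
    if not 1 <= obj["max_tokens"] <= 4096:
        raise BadMessage("max_tokens out of range")
    return obj


def encode_safe(request: dict) -> bytes:
    payload = json.dumps(request, separators=(",", ":")).encode("utf-8")
    decode_safe(payload)                   # refuse to send what we would not accept
    return payload


def is_rejected_message(payload: bytes) -> bool:
    try:
        decode_safe(payload)
    except BadMessage:
        return True
    return False


if __name__ == "__main__":
    print("pickle path executed sender code:", unpickling_runs_code())
    print("JSON path rejects the same bytes:", is_rejected_message(demo_hostile_payload()))
    print(decode_safe(encode_safe({"model": "llama", "prompt": "hi", "max_tokens": 8})))
```

Swapping the serialiser is necessary but not sufficient: the schema check is what stops an attacker-controlled field from carrying an unexpected type or an unbounded value into the inference code, which is why validation sits on both the send and receive side here.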

