LogRhythm, a leading SIEM (Security Information and Event Management) company, is merging with Exabeam, another prominent SIEM player, in a move that aims to create a stronger, AI-driven security operations leader in the market.

AI systems trained to excel at tasks can learn to lie and deceive in order to gain an advantage, posing serious risks to society such as fraud, election tampering, and even the potential loss of human control over AI.

The two vulnerabilities, an SQL injection flaw (CVE-2024-26026) and an OData injection vulnerability (CVE-2024-21793), could allow attackers to gain admin control and create hidden rogue accounts on managed assets.

Researchers detailed a deserialization vulnerability in Siemens software used to monitor industrial energy consumption and attributed the flaw to the German conglomerate's decision to use a programming method that has known security risks.

Security experts say Western teenagers comprise a number of active affiliate groups, many with ties to the cybercrime community that calls itself "The Community," aka the Com or Comm.

One security researcher investigating AI-hallucinated libraries said late last month that he found chatbots calling for a nonexistent Python package dubbed "huggingface-cli."

"An increase of attacks can currently be assumed, particularly in light of the upcoming European elections. These may include phishing attacks to publish stolen data or documents," a BSI spokesperson told Information Security Media Group.

UnitedHealth Group has publicly acknowledged that data was "taken" in the cyberattack on its Change Healthcare unit and said it has started analyzing the types of sensitive personal, financial, and health information potentially compromised.

Cybercrooks are exploring ways to develop custom, malicious large language models after existing tools such as WormGPT failed to cater to their demands for advanced intrusion capabilities, security researchers said.

The HHS' Health Sector Cybersecurity Coordination Center in an alert warned that email bomb attacks - also known as letter bomb attacks - pose a considerable potential threat.