FEATURES EDITION | Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code

CodeBreaker technique can create code samples that poison the output of code-completing large language models, resulting in vulnerable — and undetectable — code suggestions.

Follow Dark Reading:

August 24, 2024

LATEST SECURITY FEATURES & COMMENTARY Researchers Highlight How Poisoned LLMs Can Suggest Vulnerable Code CodeBreaker technique can create code samples that poison the output of code-completing large language models, resulting in vulnerable — and undetectable — code suggestions. Gartner Spotlights AI, Security in 2024 Hype Cycle for Emerging Tech The technologies listed in Gartner's 2024 Hype Cycle for Emerging Technologies fall into four key areas: autonomous AI, developer productivity, total experience, and human-centric security and privacy programs. Microsoft Will Require MFA for Azure Services Multifactor authentication enforcement for Azure portal, Microsoft Entrata admin center, and Intune admin center will begin October. Assume Breach When Building AI Apps AI jailbreaks are not vulnerabilities; they are expected behavior. The Silver Bullet of MFA Was Never Enough There is no such thing as a silver bullet in cybersecurity. No, not even multifactor authentication. MORE FROM THE EDGE / MORE FROM DR TECHNOLOGY HOT TOPICS 'Styx Stealer' Blows Its Own Cover With Sloppy OpSec Mistake An individual in Turkey is behind a new information stealer that researchers have recently observed in multiple attacks. Azure Kubernetes Bug Lays Open Cluster Secrets Vulnerability gave attackers with access to a pod a way to obtain credentials and other secrets. Slack Patches AI Bug That Let Attackers Steal Data From Private Channels A prompt injection flaw in the AI feature of the workforce collaboration suite makes malicious queries of data sources appear legitimate. MORE PRODUCTS & RELEASES Malicious Links, AI-Enabled Tools, and Attacks on SMBs Among Top Cybersecurity Threats in H1 Mimecast Global Threat Intelligence Report IBM SkillsBuild Cybersecurity and Data Analytics Certificates to be Deployed in Community College Systems Digital Align Inc. Achieves SOC 2 Type 2 Certification for Secure Automation Intelligence Experian Acquires Behavioral Analytics Company NeuroID MORE PRODUCTS & RELEASES EDITORS' CHOICE NIST Releases 3 Post-Quantum Standards, Urges Orgs to Start PQC Journey Security experts welcome the long-anticipated publication of the first post-quantum cryptographic standards as a significant milestone. How Can Organizations Navigate SEC's Cyber Materiality Disclosures? Inconsistencies and lack of information in cybersecurity disclosures highlight the need for organizations to establish a robust materiality assessment framework. C-Suite Involvement in Cybersecurity Is Little More Than Lip Service Collaboration with security teams, making cybersecurity a core principle of business strategy, and investing in defenses better position organizations to thwart threats and ensure business continuity. WEBINARS Determining Exposure and Risk In The Event of a Breach Catch the Threat Before it Catches you: Proactive Ransomware Defense View More Dark Reading Webinars >> WHITE PAPERS Generative AI Gifts 5 Essential Insights into Generative AI for Security Leaders SANS 2024 Security Awareness Report Ten Elements of Insider Risk in Highly Regulated Industries 2023 OT Cybersecurity Year in Review 5 Critical Controls for World-Class OT Cybersecurity Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks View More White Papers >> FEATURED REPORTS State of Enterprise Cloud Security Managing Third-Party Risk Through Situational Awareness 2024 InformationWeek US IT Salary Report View More Dark Reading Reports >>

Dark Reading Daily -- Published By Dark Reading Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond here. Thoughts about this newsletter? Give us feedback. Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our Privacy Statement.

© 2024 | Informa Tech | Privacy Statement | Terms & Conditions | Contact Us