Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
XDA Developers on MSN

After two months of Open WebUI updates, I'd pick it over ChatGPT's interface for local LLMs

Open WebUI has been getting some great updates, and it's a lot better than ChatGPT's web interface at this point.
Gadget Review on MSN

Hacker used Claude and ChatGPT to breach multiple government agencies

Solo hacker used AI to breach 9 Mexican government agencies, exposing 195 million citizens' data in hours instead of weeks.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
IEEE

A Survey on Deep Active Learning: Recent Advances and New Frontiers

Abstract: Active learning seeks to achieve strong performance with fewer training samples. It does this by iteratively asking an oracle to label newly selected samples in a human-in-the-loop manner.
Microsoft

Investigating Storm-2755: “Payroll pirate” attacks targeting Canadian employees

Microsoft Incident Response – Detection and Response Team (DART) researchers observed an emerging, financially motivated ...
The Hacker News

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.
CNBC

OpenAI to acquire developer tooling startup Astral in boost for Codex team

OpenAI said it will acquire Astral, a startup that builds tools for software developers. Astral's team will join OpenAI as part of the group running its AI coding assistant, Codex. OpenAI has been ...