database
-
Blog
Flaws in a popular dev library could let hackers run malicious code in your MongoDB database
A researcher has uncovered two related vulnerabilities in a popular developer library used to connect applications and MongoDB that could allow hackers to sneak into your database. Mongoose is an object data modeling (ODM) library for MongDB that connects it to the Node.js runtime environment, essentially simplifying interactions between applications and MongoDB databases The flaws were discovered by Dat Phung,…
Read More » -
Blog
DeepSeek exposes database with over 1 million chat records
DeepSeek, the Chinese AI startup known for its DeepSeek-R1 LLM model, has publicly exposed two databases containing sensitive user and operational information. The unsecured ClickHouse instances reportedly held over a million log entries containing user chat history in plaintext form, API keys, backend details, and operational metadata. Wiz Research discovered this exposure during a security assessment of DeepSeek’s external infrastructure.…
Read More » -
Blog
DeepSeek Locked Down Public Database Access That Exposed Chat History
On Jan. 29, U.S.-based Wiz Research announced it responsibly disclosed a DeepSeek database previously open to the public, exposing chat logs and other sensitive information. DeepSeek locked down the database, but the discovery highlights possible risks with generative AI models, particularly international projects. DeepSeek shook up the tech industry over the last week as the Chinese company’s AI models rivaled…
Read More » -
Blog
DeepSeek database left user data, chat histories exposed for anyone to see
DeepSeek has secured a “completely open” database that exposed user chat histories, API authentication keys, system logs, and other sensitive information, according to cloud security firm Wiz. The security researchers said they found the Chinese AI startup’s publicly accessible database in “minutes,” with no authentication required. The exposed information was housed within an open-source data management system called ClickHouse and…
Read More » -
Blog
UN aviation agency confirms recruitment database security breach
The United Nations’ International Civil Aviation Organization (ICAO) has confirmed that a threat actor has stolen approximately 42,000 records after hacking into its recruitment database. This follows ICAO’s announcement on Monday that it was investigating what it described as a “potential information security incident.” While the UN agency didn’t provide additional details, this came two days after a threat actor…
Read More » -
Blog
Excel in Your Job with Database Expertise
TL;DR: Get The 2024 All-in-One Database Course Bundle for $24.99 (reg. $199) and develop professional-grade skills in database management and GitHub. In this data-driven world, employers are seeking professionals who can confidently manage and optimize databases. The 2024 All-in-One Database Course Bundle offers the practical skills needed to stand out in the tech landscape — covering MS SQL Server, T-SQL…
Read More » -
Blog
MIT just launched a new database tracking the biggest AI risks
MIT is tracking the potential dangers posed by AI — and has found that most adoption frameworks designed to boost safe use of the technology are missing out on key risks. Researchers at MIT’s Computer Science and Artificial Intelligence Laboratory (CSAIL) have joined forces with colleagues at University of Queensland, Future of Life Institute, KU Leuven, and Harmony Intelligence to…
Read More » -
Blog
MIT delivers database containing 700+ risks associated with AI
However, researchers noted in the FAQ that the Repository does have several limitations, including being limited to risks from the 43 taxonomies, so it “may be missing emerging, domain-specific risks, and unpublished risks, and has potential for errors and subject bias; we used a single expert reviewer for extraction and coding.” Despite those shortcomings, the MIT Technology Review article stated…
Read More »