TGINSIGHT SIMILAR POSTS
Source channel @githubtrending · Post #15201 · Oct 6
#python#security#security_tools#vulnerability#vulnerability_databases#vulnerability_management#vulnerability_scanners OSV is a free, open-source database and toolset that helps you find and manage security vulnerabilities in open source software you use. It collects vulnerability data from many sources, including official advisories and automated scans, and presents it in a clear, machine-readable format. You can use the OSV scanner tool to automatically check your software dependencies for known security issues, helping you fix them quickly. This improves your software’s security by focusing on real risks and making vulnerability management easier and more efficient. OSV also offers APIs and integrates with other tools for automation and alerts. https://github.com/google/osv.dev
Search: #20b
@kejiqu · Post #3730 · 08/27/2025, 02:50 AM
全球首个 AI 勒索软件现身:滥用 OpenAI 开源模型,跨平台搜索、窃取、加密文件 ESET 报告发现名为 PromptLock 的勒索软件,该软件是全球首个利用 AI 生成恶意代码的案例。PromptLock 调用 gpt-oss:20b 模型,在受感染设备本地生成恶意 Lua 代码,用于跨 Windows、Linux 和 macOS 系统搜索、窃取并加密文件。该模型可在具备 16GB 显存的设备上本地运行,支持自由修改和使用。攻击者可以通过建立内部智能体或隧道,将受害网络连接到外部服务器运行的模型,以规避对本地显存的需求。专家认为 PromptLock 或是概念验证程序,但预示着威胁行为者利用本地或私有 AI 的早期信号。OpenAI 表示已采取措施降低模型被恶意利用的风险。IT之家 🏷#PromptLock#AI#勒索软件#gpt#oss#20b 📢频道👥群组📝投稿