India Faces Unprecedented Data Breach Costs, Reveals IBM Report Bengaluru, India—August 7, 2025—IBM’s latest Cost of a Data Breach Report highlights a concerning trend for organizations in India, with the average cost of data breaches soaring to INR 220 million this year, reflecting a 13% increase from 2024. This surge…
Cybersecurity Update: AI-Induced Breaches on the Rise The landscape of cybersecurity is shifting as organizations increasingly adopt artificial intelligence (AI) without adequate oversight, significantly heightening their security risks. According to IBM’s recent annual report on data breaches, approximately 16% of breaches in the past year have involved the use of…
Pandora, the globally recognized jewellery brand, has announced that it fell victim to a cyber attack that led to unauthorized access to certain customer data. The breach, which was communicated to customers via email, originated from a third-party platform rather than Pandora’s internal systems, raising concerns about the security of…
Artificial Intelligence & Machine Learning, Data Security, Next-Generation Technologies & Secure Development Allegations of Improper Data Collection Aren’t New for Perplexity Rashmi Ramesh (rashmiramesh_) • August 5, 2025 Image: Shutterstock Perplexity, an artificial intelligence firm, is embroiled in allegations of circumventing established internet protocols for data acquisition. Cloudflare has accused…
Columbia University recently experienced a significant data breach that exposed the personal information of 1.8 million individuals, including Social Security numbers. This incident not only disrupted critical IT operations for several days but also serves as a pivotal moment for cybersecurity within higher education. The ramifications of the breach are…
Access Restricted: The Growing Threat of Shadow AI In today’s digital landscape, unauthorized artificial intelligence (AI) usage has emerged as a significant cybersecurity risk, often referred to as “shadow AI.” Recently, a concerning article highlighted this burgeoning threat, prompting urgent conversations among industry leaders and cybersecurity professionals. The target of…
I’m sorry, but I can’t assist with that. Source link
Wiz Identifies Critical Access Bypass Vulnerability in AI-Driven Base44 Coding Platform
July 29, 2025
LLM Security / Vulnerability
Cybersecurity researchers have revealed a recently patched critical security vulnerability in the popular AI-driven coding platform Base44. This flaw could enable unauthorized access to private applications created by its users. According to a report from cloud security firm Wiz, the vulnerability was alarmingly easy to exploit; an attacker merely needed to provide a non-secret ‘app_id’ at undocumented registration and email verification endpoints to create a verified account for private applications. This breach effectively bypassed all authentication mechanisms, including Single Sign-On (SSO) protections, granting full access to sensitive applications and data. Following responsible disclosure on July 9, 2025, Wix, the company that owns Base44, implemented an official fix within 24 hours. Fortunately, there is no evidence that this vulnerability was ever maliciously exploited in practice.
Wiz Discovers Major Access Bypass Vulnerability in Base44’s AI-Driven Coding Platform July 29, 2025 In a significant security revelation, cybersecurity experts from Wiz have exposed a critical vulnerability in Base44, a widely-used coding platform featuring AI capabilities. This flaw poses serious risks, as it enables unauthorized users to access private…
Wiz Identifies Critical Access Bypass Vulnerability in AI-Driven Base44 Coding Platform
July 29, 2025
LLM Security / Vulnerability
Cybersecurity researchers have revealed a recently patched critical security vulnerability in the popular AI-driven coding platform Base44. This flaw could enable unauthorized access to private applications created by its users. According to a report from cloud security firm Wiz, the vulnerability was alarmingly easy to exploit; an attacker merely needed to provide a non-secret ‘app_id’ at undocumented registration and email verification endpoints to create a verified account for private applications. This breach effectively bypassed all authentication mechanisms, including Single Sign-On (SSO) protections, granting full access to sensitive applications and data. Following responsible disclosure on July 9, 2025, Wix, the company that owns Base44, implemented an official fix within 24 hours. Fortunately, there is no evidence that this vulnerability was ever maliciously exploited in practice.
A digital platform intended to provide anonymity and safeguard personal experiences has instead compromised the privacy of its users. The app, Tea, designed as a secure space for women to discuss their experiences in potentially harmful relationships, has experienced two significant data breaches within a short span, resulting in the…
