Yazılar

OpenAI’s o3 Model Aids Discovery of Critical Zero-Day Flaw in Linux Kernel SMB Stack

/in /tarafından

A cybersecurity researcher recently leveraged OpenAI’s o3 artificial intelligence (AI) model to uncover a critical zero-day vulnerability in the Linux kernel’s Server Message Block (SMB) implementation, known as ksmbd. This previously unknown security flaw, now tracked as CVE-2025-37899, involved complex interactions between multiple users or connections, making it particularly difficult to detect through traditional methods. Fortunately, a patch addressing the vulnerability has already been released to protect affected systems.

The discovery marks a significant milestone in the use of AI for cybersecurity, as such models are seldom used to find zero-day bugs—security flaws that are unknown and potentially unexploited before detection. While manual code audits remain the predominant approach for finding vulnerabilities, they can be painstaking and time-consuming when dealing with massive codebases. Researcher Sean Heelan explained in a detailed blog post how the o3 model accelerated the identification process, demonstrating AI’s emerging role as a powerful aid in vulnerability research.

Interestingly, Heelan initially employed the AI to examine a different security issue, CVE-2025-37778, a Kerberos authentication vulnerability categorized as a “use-after-free” bug. This type of flaw occurs when a system frees a block of memory but subsequent processes continue to reference it, potentially causing crashes or exploitable conditions. While testing the AI on this bug, the model unexpectedly flagged the SMB flaw in about eight out of 100 runs, underscoring the AI’s potential to uncover hidden vulnerabilities beyond its primary task.

This breakthrough with OpenAI’s o3 model highlights the growing synergy between artificial intelligence and cybersecurity research. As AI tools become more sophisticated, they offer promising avenues for automating complex code analysis and enhancing the detection of elusive security threats. The Linux SMB vulnerability case exemplifies how AI can augment human expertise, making systems safer in an era of increasingly sophisticated cyberattacks.

CloudSEK Secures $19 Million Funding to Accelerate AI Development and Platform Expansion

/in /tarafından

CloudSEK recently announced the successful completion of its combined Series A2 and B1 funding rounds, raising a total of $19 million (approximately Rs. 162.3 crore). This significant capital infusion includes participation from a mix of Indian and US-based investors, underscoring the company’s growing global appeal. While welcoming new investors, CloudSEK’s existing backers have remained committed to the company, signaling strong confidence in its future growth prospects. The fresh funds are primarily earmarked for scaling the company’s artificial intelligence (AI) models and enhancing platform integration capabilities.

The funding round attracted a diverse group of investors, including MassMutual Ventures, Inflexor Ventures, Prana Ventures, Tenacity Ventures, and strategic partners like Commvault. Existing investors such as the Meeran Family, StartupXSeed, Neon Fund, and Exfinity Ventures have continued their involvement, maintaining their stakes in the firm. This continuity indicates sustained trust in CloudSEK’s vision and execution strategy. The collaboration between new and existing investors is expected to provide CloudSEK with both financial support and strategic guidance.

This latest fundraising effort comes four years after CloudSEK’s Series A round led by MassMutual Ventures in 2021, when the company raised $7 million. Prior to that, CloudSEK secured $1.9 million in a pre-Series A round in 2018. The newly raised capital will be invested in product innovation, particularly focusing on expanding CloudSEK’s predictive cybersecurity platform. By leveraging AI, the platform aims to detect cyber threats early by identifying initial attack vectors such as leaked credentials, exposed APIs, and compromised vendors—allowing clients to act proactively before breaches occur.

According to Rahul Sasi, Co-Founder and CEO of CloudSEK, international markets are a major growth driver, with over 60 percent of new revenue coming from outside India. The US is emerging as the company’s fastest-growing region, highlighting the global demand for advanced cybersecurity solutions. Despite this rapid expansion, CloudSEK has managed to remain cash flow positive, demonstrating a balanced approach to scaling and profitability. With this fresh infusion of funds, the company is well-positioned to accelerate AI development and broaden its platform’s integration across global markets.

Vietnam Orders Block on Telegram Over Crime, Anti-State Content Allegations

/in /tarafından

Vietnam’s Ministry of Information and Communications has instructed telecommunication providers to block access to the Telegram messaging app, citing the platform’s alleged failure to cooperate in investigations into criminal activity and anti-state operations.

The directive, dated May 21 and signed by the deputy head of the telecom department, mandates Vietnamese telecom operators to “deploy solutions and measures to prevent Telegram’s activities” and report progress by June 2.

Authorities claim that 68% of the 9,600 Telegram channels and groups active in Vietnam have violated national laws, pointing to incidents of fraud, drug trafficking, and suspected terrorism-related content. Officials also accused Telegram of refusing to share user data when requested as part of ongoing criminal probes.

Telegram Responds

Telegram, which has close to 1 billion global users, expressed surprise at the allegations. A company spokesperson told Reuters:

“We have responded to legal requests from Vietnam on time… We received a formal notice this morning regarding a standard service notification procedure under new telecom regulations. The deadline for our response is May 27, and we are processing the request.”

Despite the government’s order, Telegram remained accessible in Vietnam as of Friday.

Crackdown on Online Content

Vietnam’s ruling Communist Party, known for its tight grip on media and limited tolerance for dissent, has stepped up demands on global tech firms to cooperate with state censorship policies. The country has previously pressured platforms such as Facebook, YouTube, Google, and TikTok to remove content deemed “toxic” or “anti-state.”

The government’s document also accused Telegram of enabling opposition groups to organize and spread anti-government propaganda, with “many groups with tens of thousands of participants” allegedly created by what it called “reactionary subjects.”

Broader Context

Telegram has faced scrutiny globally for its perceived lack of content moderation. In France, founder Pavel Durov was briefly detained last year amid similar concerns over security and data transparency.

The timing of Vietnam’s move also comes ahead of an official visit by French President Emmanuel Macron to Hanoi on Sunday, potentially adding diplomatic nuance to the unfolding situation.