iNews Vol 215

Infrastructure News

New flaws in NVIDIA’s Triton Server let remote attackers take over systems via RCE, posing major risks to AI infrastructure.

Newly revealed security flaws in NVIDIA’s Triton Inference Server for Windows and Linux could let remote, unauthenticated attackers fully take over vulnerable servers.

China’s botched Great Firewall upgrade invites attacks on its censorship infrastructure

Attempts to censor QUIC traffic create chance to block access to offshore DNS resolvers

ALM and Cloud News

Google addresses six vulnerabilities in August’s Android security update

Android partners and customers have experienced a temporary respite from double-digit vulnerabilities this summer. Google issued no security patches in its update last month.

Project Zero disclosure policy change puts vendors on early notice

Google wants to shorten delays in the vulnerability lifecycle by sharing limited details about newly discovered defects within a week of reporting to the affected vendor.

‘Death Stranding’ Is Helping UK Users Bypass Age Verification Laws

The video game’s photo mode is being used to outsmart age verification systems on popular platforms like Discord and Reddit in the UK.

Cybersecurity News

Fashion giant Chanel hit in wave of Salesforce data theft attacks

French fashion giant Chanel is the latest company to suffer a data breach in an ongoing wave of Salesforce data theft attacks.

CISA is facing a tight CIRCIA deadline. Here’s how Sean Plankey can attempt to meet it

The agency has two months to publish its final rule. It will not meet that mark, but a new CISA director has the tools to move the program forward.

Akira ransomware targets fully patched SonicWall VPNs in suspected zero-day attacks, with multiple intrusions seen in late July 2025.

Arctic Wolf Labs researchers reported that Akira ransomware is exploiting SonicWall SSL VPNs in a likely zero-day attack, targeting even fully patched devices.