A severe authorization vulnerability was recently discovered in Schemata, an AI-powered virtual training platform serving the United States Department of Defense. Security researcher Alex Schapiro, utilizing the open-source AI hacking agent Strix, identified a critical lack of API authorization. Backed by Andreessen Horowitz, Schemata holds active government contracts to provide immersive 3D simulations for various […]

The post Zero-Auth Vulnerability Enables Cross-Tenant Access at DoD Contractor appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Divya

Source: gbHackers
Source Link: https://gbhackers.com/zero-auth-vulnerability-dod-contractor/