Tag: adversary
-
Embrace The Red: Cross-Agent Privilege Escalation: When Agents Free Each Other
Source URL: https://embracethered.com/blog/posts/2025/cross-agent-privilege-escalation-agents-that-free-each-other/ Source: Embrace The Red Title: Cross-Agent Privilege Escalation: When Agents Free Each Other Feedly Summary: During the Month of AI Bugs, I described an emerging vulnerability pattern that shows how commonly agentic systems have a design flaw that allows an agent to overwrite its own configuration and security settings. This allows the…
-
Cisco Talos Blog: What happens when you engage Cisco Talos Incident Response?
Source URL: https://blog.talosintelligence.com/what-happens-when-you-engage-talos-ir/ Source: Cisco Talos Blog Title: What happens when you engage Cisco Talos Incident Response? Feedly Summary: What happens when you bring in a team of cybersecurity responders? How do we turn chaos into control, and what is the long-term value that Talos IR provides to the organizations we work with? AI Summary…
-
Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…
-
Microsoft Security Blog: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/ Source: Microsoft Security Blog Title: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework Feedly Summary: A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and…
-
The Register: Uncle Sam floats tracking tech to keep AI chips out of China
Source URL: https://www.theregister.com/2025/08/05/us_ai_chip_tracking/ Source: The Register Title: Uncle Sam floats tracking tech to keep AI chips out of China Feedly Summary: Plan would embed location verification in advanced semiconductors to combat black market exports The Trump administration wants better ways to track the location of chips, as part of attempts to prevent advanced AI accelerator…
-
Slashdot: CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year
Source URL: https://it.slashdot.org/story/25/08/04/2032214/crowdstrike-investigated-320-north-korean-it-worker-cases-in-the-past-year Source: Slashdot Title: CrowdStrike Investigated 320 North Korean IT Worker Cases In the Past Year Feedly Summary: AI Summary and Description: Yes Summary: The report highlights a significant rise in North Korean operatives using generative AI to infiltrate tech jobs globally, particularly within Fortune 500 and smaller organizations. CrowdStrike’s observations underline a…