attacker – Page 2 – Experimental News Clipping Site

The Register: Subpoena tracking platform blames outage on AWS social engineering attack

Oct 2, 2025

—

by

Source URL: https://www.theregister.com/2025/10/02/subpoena_tracking_platform_outage_blamed/ Source: The Register Title: Subpoena tracking platform blames outage on AWS social engineering attack Feedly Summary: Software maker Kodex said its domain registrar fell for a fraudulent legal order A software platform used by law enforcement agencies and major tech companies to manage subpoenas and data requests went dark this week after…

Schneier on Security: Daniel Miessler on the AI Attack/Defense Balance

Oct 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/10/daniel-miessler-on-the-ai-attack-defense-balance.html Source: Schneier on Security Title: Daniel Miessler on the AI Attack/Defense Balance Feedly Summary: His conclusion: Context wins Basically whoever can see the most about the target, and can hold that picture in their mind the best, will be best at finding the vulnerabilities the fastest and taking advantage of them. Or,…

Cloud Blog: The oracles of DeFi: How to build trustworthy data feeds for decentralized applications

Oct 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/financial-services/blockchain-oracles-dz-bank-solution-defi-enterprise-applications/ Source: Cloud Blog Title: The oracles of DeFi: How to build trustworthy data feeds for decentralized applications Feedly Summary: Distributed ledger technology (DLT) emerged with Bitcoin as a censorship-resistant way to conduct payments between distrusting peers. After a period, traditional financial institutions began to explore the technology, recognizing the potential of its…

Slashdot: Intel and AMD Trusted Enclaves, a Foundation For Network Security, Fall To Physical Attacks

Oct 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/10/01/229239/intel-and-amd-trusted-enclaves-a-foundation-for-network-security-fall-to-physical-attacks?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Intel and AMD Trusted Enclaves, a Foundation For Network Security, Fall To Physical Attacks Feedly Summary: AI Summary and Description: Yes Summary: Researchers have introduced two significant hardware attacks, Battering RAM and Wiretap, that compromise Intel SGX and AMD SEV-SNP trusted enclaves. These attacks exploit flaws in deterministic encryption…

The Register: ‘Delightful’ root-access bug in Red Hat OpenShift AI allows full cluster takeover

Oct 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/01/critical_red_hat_openshift_ai_bug/ Source: The Register Title: ‘Delightful’ root-access bug in Red Hat OpenShift AI allows full cluster takeover Feedly Summary: Who wouldn’t want root access on cluster master nodes? A 9.9 out of 10 severity bug in Red Hat’s OpenShift AI service could allow a remote attacker with minimal authentication to steal data, disrupt…

The Register: Warnings about Cisco vulns under active exploit are falling on deaf ears

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/30/cisco_firewall_vulns/ Source: The Register Title: Warnings about Cisco vulns under active exploit are falling on deaf ears Feedly Summary: 50,000 firewall devices still exposed Nearly 50,000 Cisco ASA/FTD instances vulnerable to two bugs that are actively being exploited by “advanced" attackers remain exposed to the internet, according to Shadowserver data.… AI Summary and…

Simon Willison’s Weblog: Designing agentic loops

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Sep/30/designing-agentic-loops/ Source: Simon Willison’s Weblog Title: Designing agentic loops Feedly Summary: Coding agents like Anthropic’s Claude Code and OpenAI’s Codex CLI represent a genuine step change in how useful LLMs can be for producing working code. These agents can now directly exercise the code they are writing, correct errors, dig through existing implementation…

Cloud Blog: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations/ Source: Cloud Blog Title: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations Feedly Summary: Written by: Omar ElAhdan, Matthew McWhirt, Michael Rudden, Aswad Robinson, Bhavesh Dhake, Laith Al Background Protecting software-as-a-service (SaaS) platforms and applications requires a comprehensive security strategy. Drawing…

The Register: One line of malicious npm code led to massive Postmark email heist

Sep 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/ Source: The Register Title: One line of malicious npm code led to massive Postmark email heist Feedly Summary: MCP plus open source plus typosquatting … what could possibly go wrong? A fake npm package posing as Postmark’s MCP (Model Context Protocol) server silently stole potentially thousands of emails a day by adding…

Schneier on Security: Abusing Notion’s AI Agent for Data Theft

Sep 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/09/abusing-notions-ai-agent-for-data-theft.html Source: Schneier on Security Title: Abusing Notion’s AI Agent for Data Theft Feedly Summary: Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private…

Tag: attacker