attackers – Page 10 – Experimental News Clipping Site

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

The Register: Perplexity’s Comet browser naively processed pages with evil instructions

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/ Source: The Register Title: Perplexity’s Comet browser naively processed pages with evil instructions Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.… AI Summary and Description: Yes Summary: The text discusses a recently…

The Register: Commvault releases patches for two nasty bug chains after exploits proven

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/commvault_bug_chains_patched/ Source: The Register Title: Commvault releases patches for two nasty bug chains after exploits proven Feedly Summary: Researchers disclosing their findings said ‘it’s as bad as it sounds’ Researchers at watchTowr just published working proof-of-concept exploits for two unauthenticated remote code execution bug chains in backup giant Commvault.… AI Summary and Description:…

Cloud Blog: A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/analyzing-cornflake-v3-backdoor/ Source: Cloud Blog Title: A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor Feedly Summary: Written by: Marco Galli Welcome to the Frontline Bulletin Series Straight from Mandiant Threat Defense, the “Frontline Bulletin" series brings you the latest on the most intriguing compromises we are seeing in the wild right now, equipping our community…

The Register: Don’t want drive-by Ollama attackers snooping on your local chats? Patch now

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/19/ollama_driveby_attack/ Source: The Register Title: Don’t want drive-by Ollama attackers snooping on your local chats? Patch now Feedly Summary: Reconfigure local app settings via a ‘simple’ POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people’s personal…

The Register: Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/19/apache_activemq_patch_malware/ Source: The Register Title: Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in Feedly Summary: Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux…

Cisco Talos Blog: Ransomware incidents in Japan during the first half of 2025

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/ransomware_incidents_in_japan_during_the_first_half_of_2025/ Source: Cisco Talos Blog Title: Ransomware incidents in Japan during the first half of 2025 Feedly Summary: Ransomware attackers continue to primarily target small and medium-sized manufacturing businesses in Japan. AI Summary and Description: Yes Summary: The text provides an in-depth analysis of the rise in ransomware attacks in Japan during the…

Unit 42: Fashionable Phishing Bait: GenAI on the Hook

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/genai-phishing-bait/ Source: Unit 42 Title: Fashionable Phishing Bait: GenAI on the Hook Feedly Summary: GenAI-created phishing campaigns misuse tools ranging from website builders to text generators in order to create more convincing and scalable attacks. The post Fashionable Phishing Bait: GenAI on the Hook appeared first on Unit 42. AI Summary and Description:…

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

The Register: Boffins say tool can sniff 5G traffic, launch ‘attacks’ without using rogue base stations

Aug 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/18/sni5gect/ Source: The Register Title: Boffins say tool can sniff 5G traffic, launch ‘attacks’ without using rogue base stations Feedly Summary: Sni5Gect research crew targets sweet spot during device / network handshake pause Security boffins have released an open source tool for poking holes in 5G mobile networks, claiming it can do up-…

Tag: attackers