Tag: aware

—

by

Source URL: https://www.theregister.com/2025/08/21/anthropic_claude_nuclear_chat_detection/ Source: The Register Title: Anthropic scanning Claude chats for queries about DIY nukes for some reason Feedly Summary: Because savvy terrorists always use public internet services to plan their mischief, right? Anthropic says it has scanned an undisclosed portion of conversations with its Claude AI model to catch concerning inquiries about nuclear…

Cloud Blog: 101+ gen AI use cases with technical blueprints

—

by

Source URL: https://cloud.google.com/blog/products/ai-machine-learning/real-world-gen-ai-use-cases-with-technical-blueprints/ Source: Cloud Blog Title: 101+ gen AI use cases with technical blueprints Feedly Summary: A little over a year ago, we published a list of generative AI use cases that has since grown to include more than 600 examples of how organizations are putting AI to work. Yet for many developers and…

The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

—

by

Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

The Register: AI crawlers and fetchers are blowing up websites, with Meta and OpenAI the worst offenders

—

by

Source URL: https://www.theregister.com/2025/08/21/ai_crawler_traffic/ Source: The Register Title: AI crawlers and fetchers are blowing up websites, with Meta and OpenAI the worst offenders Feedly Summary: One fetcher bot seen smacking a website with 39,000 requests per minute Cloud services giant Fastly has released a report claiming AI crawlers are putting a heavy load on the open…

Unit 42: Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth

—

by

Source URL: https://unit42.paloaltonetworks.com/attackers-sell-your-bandwidth-using-sdks/ Source: Unit 42 Title: Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth Feedly Summary: A campaign leverages CVE-2024-36401 to stealthily monetize victims’ bandwidth where legitimate software development kits (SDKs) are deployed for passive income. The post Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth…

Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

—

by

Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

The Register: Perplexity’s Comet browser naively processed pages with evil instructions

Aug 20, 2025

—

by

Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/ Source: The Register Title: Perplexity’s Comet browser naively processed pages with evil instructions Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.… AI Summary and Description: Yes Summary: The text discusses a recently…

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by