Tag: base64
-
Bulletins: Vulnerability Summary for the Week of June 23, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-181 Source: Bulletins Title: Vulnerability Summary for the Week of June 23, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info 70mai–M300 A vulnerability was found in 70mai M300 up to 20250611 and classified as critical. Affected by this issue is some unknown functionality of the component Telnet…
-
Bulletins: Vulnerability Summary for the Week of June 9, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-167 Source: Bulletins Title: Vulnerability Summary for the Week of June 9, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named…
-
Cloud Blog: Multimodal agents tutorial: How to use Gemini, Langchain, and LangGraph to build agents for object detection
Source URL: https://cloud.google.com/blog/products/ai-machine-learning/build-multimodal-agents-using-gemini-langchain-and-langgraph/ Source: Cloud Blog Title: Multimodal agents tutorial: How to use Gemini, Langchain, and LangGraph to build agents for object detection Feedly Summary: Here’s a common scenario when building AI agents that might feel confusing: How can you use the latest Gemini models and an open-source framework like LangChain and LangGraph to create…
-
Cloud Blog: Mark Your Calendar: APT41 Innovative Tactics
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/apt41-innovative-tactics/ Source: Cloud Blog Title: Mark Your Calendar: APT41 Innovative Tactics Feedly Summary: Written by: Patrick Whitsell Google Threat Intelligence Group’s (GTIG) mission is to protect Google’s billions of users and Google’s multitude of products and services. In late October 2024, GTIG discovered an exploited government website hosting malware being used to target…
-
Simon Willison’s Weblog: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft
Source URL: https://simonwillison.net/2025/May/23/remote-prompt-injection-in-gitlab-duo/ Source: Simon Willison’s Weblog Title: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Feedly Summary: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Yet another example of the classic Markdown image exfiltration attack, this time affecting GitLab Duo – GitLab’s chatbot. Omer Mayraz reports on how…
-
Cloud Blog: COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/coldriver-steal-documents-western-targets-ngos/ Source: Cloud Blog Title: COLDRIVER Using New Malware To Steal Documents From Western Targets and NGOs Feedly Summary: Written by: Wesley Shields Google Threat Intelligence Group (GTIG) has identified a new piece of malware called LOSTKEYS, attributed to the Russian government-backed threat group COLDRIVER (also known as UNC4057, Star Blizzard, and Callisto).…
-
Simon Willison’s Weblog: Feed a video to a vision LLM as a sequence of JPEG frames on the CLI (also LLM 0.25)
Source URL: https://simonwillison.net/2025/May/5/llm-video-frames/#atom-everything Source: Simon Willison’s Weblog Title: Feed a video to a vision LLM as a sequence of JPEG frames on the CLI (also LLM 0.25) Feedly Summary: The new llm-video-frames plugin can turn a video file into a sequence of JPEG frames and feed them directly into a long context vision LLM such…
-
Bulletins: Vulnerability Summary for the Week of April 21, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-118 Source: Bulletins Title: Vulnerability Summary for the Week of April 21, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info AdeptLanguage–Adept Adept is a language for general purpose programming. Prior to commit a1a41b7, the remoteBuild.yml workflow file uses actions/upload-artifact@v4 to upload the mac-standalone artifact. This artifact is…
-
Simon Willison’s Weblog: Image segmentation using Gemini 2.5
Source URL: https://simonwillison.net/2025/Apr/18/gemini-image-segmentation/ Source: Simon Willison’s Weblog Title: Image segmentation using Gemini 2.5 Feedly Summary: Max Woolf pointed out this new feature of the Gemini 2.5 series in a comment on Hacker News: One hidden note from Gemini 2.5 Flash when diving deep into the documentation: for image inputs, not only can the model be…
-
Simon Willison’s Weblog: Model Context Protocol has prompt injection security problems
Source URL: https://simonwillison.net/2025/Apr/9/mcp-prompt-injection/#atom-everything Source: Simon Willison’s Weblog Title: Model Context Protocol has prompt injection security problems Feedly Summary: As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built on that protocol are starting to come…