Experimental News Clipping Site

Tag: cloud security

  • Embrace The Red: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/aws-kiro-aribtrary-command-execution-with-indirect-prompt-injection/ Source: Embrace The Red Title: AWS Kiro: Arbitrary Code Execution via Indirect Prompt Injection Feedly Summary: On the day AWS Kiro was released, I couldn’t resist putting it through some of my Month of AI Bugs security tests for coding agents. AWS Kiro was vulnerable to arbitrary command execution via indirect prompt…

  • The Register: Malware-ridden apps made it into Google’s Play Store, scored 19 million downloads

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/26/apps_android_malware/ Source: The Register Title: Malware-ridden apps made it into Google’s Play Store, scored 19 million downloads Feedly Summary: Everything’s fine, the ad slinger assures us Cloud security vendor Zscaler says customers of Google’s Play Store have downloaded more than 19 million instances of malware-laden apps that evaded the web giant’s security scans.……

  • Cisco Security Blog: Cisco Bolsters Security for Government With New FedRAMP Authorizations

    by

    Kurt Seifried
    in

    Source URL: https://feedpress.me/link/23535/17126109/cisco-bolsters-security-for-government-with-new-fedramp-authorizations Source: Cisco Security Blog Title: Cisco Bolsters Security for Government With New FedRAMP Authorizations Feedly Summary: Cisco is proud to announce three new FedRAMP-authorized cloud security solutions, pupose-built for federal, state, and local agencies. AI Summary and Description: Yes Summary: Cisco’s introduction of three new FedRAMP-authorized cloud security solutions represents a significant…

  • Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

  • Simon Willison’s Weblog: Open weight LLMs exhibit inconsistent performance across providers

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Aug/15/inconsistent-performance/ Source: Simon Willison’s Weblog Title: Open weight LLMs exhibit inconsistent performance across providers Feedly Summary: Artificial Analysis published a new benchmark the other day, this time focusing on how an individual model – OpenAI’s gpt-oss-120b – performs across different hosted providers. The results showed some surprising differences. Here’s the one with the…

  • Slashdot: Foxconn Now Making More From Servers than iPhones

    by

    Kurt Seifried
    in

    Source URL: https://apple.slashdot.org/story/25/08/15/0631212/foxconn-now-making-more-from-servers-than-iphones?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Foxconn Now Making More From Servers than iPhones Feedly Summary: AI Summary and Description: Yes Summary: The report highlights Foxconn’s significant shift in revenue generation, with its AI server production now surpassing its traditional consumer electronics revenues. This shift emphasizes the growing market demand for AI infrastructure, indicating a…