Experimental News Clipping Site

Tag: coding practices

  • The Register: Attackers snooping around Sitecore, dropping malware via public sample keys

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/04/unknown_miscreants_snooping_around_sitecore/ Source: The Register Title: Attackers snooping around Sitecore, dropping malware via public sample keys Feedly Summary: You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping…

  • Tomasz Tunguz: The Rise and Fall of Vibe Coding

    by

    Kurt Seifried
    in

    Source URL: https://www.tomtunguz.com/the-rise-and-fall-of-vibe-coding/ Source: Tomasz Tunguz Title: The Rise and Fall of Vibe Coding Feedly Summary: We’re living through the “Wild West” era of AI-powered software development. Anyone can build custom solutions in minutes rather than months. This creative explosion heads toward a reckoning. Hidden maintenance costs of thousands of “vibe-coded” micro-apps will collide with…

  • The Register: Perplexity’s Comet browser naively processed pages with evil instructions

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/ Source: The Register Title: Perplexity’s Comet browser naively processed pages with evil instructions Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.… AI Summary and Description: Yes Summary: The text discusses a recently…

  • Slashdot: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/08/18/0550252/male-oriented-app-teaonher-also-had-security-flaws-that-could-leak-mens-drivers-license-photos?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos Feedly Summary: AI Summary and Description: Yes Summary: The text discusses data breaches and security flaws in two dating-advice apps, focusing on the implications of such incidents for user privacy and corporate liability. These issues…

  • Slashdot: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/08/17/0221251/security-flaws-in-carmakers-web-portal-let-a-hacker-remotely-unlock-cars?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars Feedly Summary: AI Summary and Description: Yes Summary: A security researcher discovered vulnerabilities in a car dealership portal that could expose personal information and allow remote access to cars. The issues highlight the critical importance of secure…

  • Embrace The Red: Amp Code: Invisible Prompt Injection Fixed by Sourcegraph

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/amp-code-fixed-invisible-prompt-injection/ Source: Embrace The Red Title: Amp Code: Invisible Prompt Injection Fixed by Sourcegraph Feedly Summary: In this post we will look at Amp, a coding agent from Sourcegraph. The other day we discussed how invisible instructions impact Google Jules. Turns out that many client applications are vulnerable to these kinds of attacks…

  • Simon Willison’s Weblog: Chromium Docs: The Rule Of 2

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Aug/11/the-rule-of-2/ Source: Simon Willison’s Weblog Title: Chromium Docs: The Rule Of 2 Feedly Summary: Chromium Docs: The Rule Of 2 Alex Russell pointed me to this principle in the Chromium security documentation as similar to my description of the lethal trifecta. First added in 2019, the Chromium guideline states: When you write code…

  • OpenAI : Introducing GPT-5 for developers

    by

    Kurt Seifried
    in

    Source URL: https://openai.com/index/introducing-gpt-5-for-developers Source: OpenAI Title: Introducing GPT-5 for developers Feedly Summary: Introducing GPT-5 in our API platform—offering high reasoning performance, new controls for devs, and best-in-class results on real coding tasks. AI Summary and Description: Yes Summary: The introduction of GPT-5 on an API platform highlights significant advancements in AI capabilities, particularly in reasoning…

  • Embrace The Red: How Devin AI Can Leak Your Secrets Via Multiple Means

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/devin-can-leak-your-secrets/ Source: Embrace The Red Title: How Devin AI Can Leak Your Secrets Via Multiple Means Feedly Summary: In this post we show how an attacker can make Devin send sensitive information to third-party servers, via multiple means. This post assumes that you read the first post about Devin as well. But here…

  • Gemini: Meet your new AI coding teammate: Gemini CLI GitHub Actions

    by

    Kurt Seifried
    in

    Source URL: https://blog.google/technology/developers/introducing-gemini-cli-github-actions/ Source: Gemini Title: Meet your new AI coding teammate: Gemini CLI GitHub Actions Feedly Summary: Today, we’re introducing Gemini CLI GitHub Actions. It’s a no-cost, powerful AI coding teammate for your repository. It acts both as an autonomous agent for critical rou… AI Summary and Description: Yes Summary: The introduction of Gemini…