Experimental News Clipping Site

Tag: coding

  • Simon Willison’s Weblog: How to stop AI’s “lethal trifecta”

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/26/how-to-stop-ais-lethal-trifecta/ Source: Simon Willison’s Weblog Title: How to stop AI’s “lethal trifecta” Feedly Summary: How to stop AI’s “lethal trifecta” This is the second mention of the lethal trifecta in the Economist in just the last week! Their earlier coverage was Why AI systems may never be secure on September 22nd – I…

  • The Register: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/26/microsoft_xcsset_macos/ Source: The Register Title: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects Feedly Summary: Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses The long-running XCSSET malware strain has evolved again, with Microsoft warning of a new macOS variant that expands its bag of tricks while…

  • Docker: The Trust Paradox: When Your AI Gets Catfished

    by

    Kurt Seifried
    in

    Source URL: https://www.docker.com/blog/mcp-prompt-injection-trust-paradox/ Source: Docker Title: The Trust Paradox: When Your AI Gets Catfished Feedly Summary: The fundamental challenge with MCP-enabled attacks isn’t technical sophistication. It’s that hackers have figured out how to catfish your AI. These attacks work because they exploit the same trust relationships that make your development team actually functional. When your…

  • Simon Willison’s Weblog: Cross-Agent Privilege Escalation: When Agents Free Each Other

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/24/cross-agent-privilege-escalation/ Source: Simon Willison’s Weblog Title: Cross-Agent Privilege Escalation: When Agents Free Each Other Feedly Summary: Cross-Agent Privilege Escalation: When Agents Free Each Other Here’s a clever new form of AI exploit from Johann Rehberger, who has coined the term Cross-Agent Privilege Escalation to describe an attack where multiple coding agents – GitHub…

  • Gemini: Google AI Pro and Ultra subscribers now get Gemini CLI and Gemini Code Assist with higher limits.

    by

    Kurt Seifried
    in

    Source URL: https://blog.google/technology/developers/gemini-cli-code-assist-higher-limits/ Source: Gemini Title: Google AI Pro and Ultra subscribers now get Gemini CLI and Gemini Code Assist with higher limits. Feedly Summary: Google AI Pro and Ultra subscribers now get higher limits to Gemini CLI and Gemini Code Assist IDE extensions. AI Summary and Description: Yes Summary: Google has made an update…

  • Microsoft Security Blog: AI vs. AI: Detecting an AI-obfuscated phishing campaign

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/09/24/ai-vs-ai-detecting-an-ai-obfuscated-phishing-campaign/ Source: Microsoft Security Blog Title: AI vs. AI: Detecting an AI-obfuscated phishing campaign Feedly Summary: Microsoft Threat Intelligence recently detected and blocked a credential phishing campaign that likely used AI-generated code to obfuscate its payload and evade traditional defenses, demonstrating a broader trend of attackers leveraging AI to increase the effectiveness of…

  • Simon Willison’s Weblog: GPT-5-Codex

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/23/gpt-5-codex/#atom-everything Source: Simon Willison’s Weblog Title: GPT-5-Codex Feedly Summary: GPT-5-Codex OpenAI half-relased this model earlier this month, adding it to their Codex CLI tool but not their API. Today they’ve fixed that – the new model can now be accessed as gpt-5-codex. It’s priced the same as regular GPT-5: $1.25/million input tokens, $10/million…

  • Anchore: Strengthening Software Security: The Anchore and Chainguard Partnership

    by

    Kurt Seifried
    in

    Source URL: https://anchore.com/blog/chainguard-partnership/ Source: Anchore Title: Strengthening Software Security: The Anchore and Chainguard Partnership Feedly Summary: In 2018, Anchore partnered with the US Air Force on Platform One, a project focused on integrating DevSecOps principles into government software development. A core part of that project was the launch of the Iron Bank, a repository of…