Experimental News Clipping Site

Tag: continuous monitoring

  • The Register: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/04/22/ssl_com_validation_flaw/ Source: The Register Title: Bug hunter tricked SSL.com into issuing cert for Alibaba Cloud domain in 5 steps Feedly Summary: 10 other certificates ‘were mis-issued and have now been revoked’ Certificate issuer SSL.com’s domain validation system had an unfortunate bug that was exploited by miscreants to obtain, without authorization, digital certs for…

  • CSA: Oracle Cloud Breach: Mitigate Attacks with Agentic AI

    by

    Kurt Seifried
    in

    Source URL: https://cloudsecurityalliance.org/articles/oracle-cloud-infrastructure-breach-mitigating-future-attacks-with-agentic-ai Source: CSA Title: Oracle Cloud Breach: Mitigate Attacks with Agentic AI Feedly Summary: AI Summary and Description: Yes Summary: The text outlines a significant security breach within Oracle Cloud Infrastructure (OCI) affecting its Identity Manager systems. It provides insights into the attack’s anatomy, the vulnerabilities exploited, the impact of data exfiltration, and…

  • Simon Willison’s Weblog: Quoting James Betker

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Apr/16/james-betker/#atom-everything Source: Simon Willison’s Weblog Title: Quoting James Betker Feedly Summary: I work for OpenAI. […] o4-mini is actually a considerably better vision model than o3, despite the benchmarks. Similar to how o3-mini-high was a much better coding model than o1. I would recommend using o4-mini-high over o3 for any task involving vision.…

  • The Register: AI can’t stop making up software dependencies and sabotaging everything

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/04/12/ai_code_suggestions_sabotage_supply_chain/ Source: The Register Title: AI can’t stop making up software dependencies and sabotaging everything Feedly Summary: Hallucinated package names fuel ‘slopsquatting’ The rise of AI-powered code generation tools is reshaping how developers write software – and introducing new risks to the software supply chain in the process.… AI Summary and Description: Yes…

  • Wired: Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages

    by

    Kurt Seifried
    in

    Source URL: https://www.wired.com/story/sex-fantasy-chatbots-are-leaking-explicit-messages-every-minute/ Source: Wired Title: Sex-Fantasy Chatbots Are Leaking a Constant Stream of Explicit Messages Feedly Summary: Some misconfigured AI chatbots are pushing people’s chats to the open web—revealing sexual prompts and conversations that include descriptions of child sexual abuse. AI Summary and Description: Yes Summary: The text highlights a critical security issue related…

  • The Register: Chrome to patch decades-old flaw that let sites peek at your history

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/04/07/chrome_135_history_sniffing/ Source: The Register Title: Chrome to patch decades-old flaw that let sites peek at your history Feedly Summary: After 23 years, the privacy plumber has finally arrived to clean up this mess A 23-year-old side-channel attack for spying on people’s web browsing histories will get shut down in the forthcoming Chrome 136,…

  • Slashdot: DeepMind Details All the Ways AGI Could Wreck the World

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/04/03/2236242/deepmind-details-all-the-ways-agi-could-wreck-the-world Source: Slashdot Title: DeepMind Details All the Ways AGI Could Wreck the World Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a technical paper from DeepMind that explores the potential risks associated with the development of Artificial General Intelligence (AGI) and offers suggestions for safe development practices. It highlights…

  • Slashdot: Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen

    by

    Kurt Seifried
    in

    Source URL: https://developers.slashdot.org/story/25/04/03/198224/oracle-tells-clients-of-second-recent-hack-log-in-data-stolen?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Oracle Tells Clients of Second Recent Hack, Log-In Data Stolen Feedly Summary: AI Summary and Description: Yes Summary: The recent report highlights a significant cybersecurity breach at Oracle, where hackers accessed client login credentials. This incident is notable for security and compliance professionals given its implications for data protection…

  • The Register: Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/04/03/suspected_chines_snoops_hijacked_buggy/ Source: The Register Title: Suspected Chinese spies right now hijacking buggy Ivanti gear – for third time in 3 years Feedly Summary: Simple denial-of-service blunder turned out to be a remote unauth code exec disaster Suspected Chinese government spies have been exploiting a newly disclosed critical bug in Ivanti VPN appliances since…