data leakage – Page 2 – Experimental News Clipping Site

Cloud Blog: Announcing new capabilities for enabling defenders and securing AI innovation

Aug 19, 2025

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/security-summit-2025-enabling-defenders-and-securing-ai-innovation/ Source: Cloud Blog Title: Announcing new capabilities for enabling defenders and securing AI innovation Feedly Summary: AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in…

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

OpenAI : gpt-oss-120b & gpt-oss-20b Model Card

Aug 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://openai.com/index/gpt-oss-model-card Source: OpenAI Title: gpt-oss-120b & gpt-oss-20b Model Card Feedly Summary: We introduce gpt-oss-120b and gpt-oss-20b, two open-weight reasoning models available under the Apache 2.0 license and our gpt-oss usage policy. AI Summary and Description: Yes Summary: The introduction of gpt-oss-120b and gpt-oss-20b highlights the development of open-weight reasoning models, which reflects significant…

Cloud Blog: How Cake, Vietnam’s leading digital bank, found the right mix of simplicity and security with ChromeOS and Chrome Enterprise

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/chrome-enterprise/how-cake-vietnams-leading-digital-bank-found-the-right-mix-of-simplicity-and-security-with-chromeos-and-chrome-enterprise/ Source: Cloud Blog Title: How Cake, Vietnam’s leading digital bank, found the right mix of simplicity and security with ChromeOS and Chrome Enterprise Feedly Summary: Editor’s note: Today’s post is by Hiển Từ Thế (Jay), Chief Technology Officer for Cake Digital Bank, a prominent digital-only bank in Vietnam offering a comprehensive suite…

Embrace The Red: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection

Aug 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/chatgpt-chat-history-data-exfiltration/ Source: Embrace The Red Title: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection Feedly Summary: In this post we demonstrate how a bypass in OpenAI’s “safe URL” rendering feature allows ChatGPT to send personal information to a third-party server. This can be exploited by an adversary via a prompt injection…

Google Online Security Blog: Advancing Protection in Chrome on Android

Jul 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://security.googleblog.com/2025/07/advancing-protection-in-chrome-on.html Source: Google Online Security Blog Title: Advancing Protection in Chrome on Android Feedly Summary: AI Summary and Description: Yes Summary: The text describes the integration of Google’s Advanced Protection Program into Android and Chrome, focusing on new security features aimed at safeguarding at-risk users, such as journalists and public figures. It highlights…

Embrace The Red: Security Advisory: Anthropic’s Slack MCP Server Vulnerable to Data Exfiltration

Jun 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/security-advisory-anthropic-slack-mcp-server-data-leakage/ Source: Embrace The Red Title: Security Advisory: Anthropic’s Slack MCP Server Vulnerable to Data Exfiltration Feedly Summary: This is a security advisory for a data leakage and exfiltration vulnerability in a popular, but now deprecated and unmaintained, Slack MCP Server from Anthropic. If you are using this MCP server, or run an…

The Register: Asana’s cutting-edge AI feature ran into a little data leakage problem

Jun 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/06/18/asana_mcp_server_bug/ Source: The Register Title: Asana’s cutting-edge AI feature ran into a little data leakage problem Feedly Summary: New MCP server was shut down for nearly two weeks Asana has fixed a bug in its Model Context Protocol (MCP) server that could have allowed users to view other organizations’ data, and the experimental…

Slashdot: How Do Olympiad Medalists Judge LLMs in Competitive Programming?

Jun 17, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://slashdot.org/story/25/06/17/149238/how-do-olympiad-medalists-judge-llms-in-competitive-programming?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: How Do Olympiad Medalists Judge LLMs in Competitive Programming? Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a newly established benchmark demonstrating that large language models (LLMs) are not yet capable of outperforming elite human coders, particularly in problem-solving contexts. The findings indicate limitations in the…

Simon Willison’s Weblog: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft

May 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/May/23/remote-prompt-injection-in-gitlab-duo/ Source: Simon Willison’s Weblog Title: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Feedly Summary: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Yet another example of the classic Markdown image exfiltration attack, this time affecting GitLab Duo – GitLab’s chatbot. Omer Mayraz reports on how…

Tag: data leakage