Tag: disclosure
-
The Cloudflare Blog: Block unsafe prompts targeting your LLM endpoints with Firewall for AI
Source URL: https://blog.cloudflare.com/block-unsafe-llm-prompts-with-firewall-for-ai/ Source: The Cloudflare Blog Title: Block unsafe prompts targeting your LLM endpoints with Firewall for AI Feedly Summary: Cloudflare’s AI security suite now includes unsafe content moderation, integrated into the Application Security Suite via Firewall for AI. AI Summary and Description: Yes Summary: The text discusses the launch of Cloudflare’s Firewall for…
-
Schneier on Security: Encryption Backdoor in Military/Police Radios
Source URL: https://www.schneier.com/blog/archives/2025/08/encryption-backdoor-in-military-police-radios.html Source: Schneier on Security Title: Encryption Backdoor in Military/Police Radios Feedly Summary: I wrote about this in 2023. Here’s the story: Three Dutch security analysts discovered the vulnerabilities—five in total—in a European radio standard called TETRA (Terrestrial Trunked Radio), which is used in radios made by Motorola, Damm, Hytera, and others. The…
-
Slashdot: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code
Source URL: https://it.slashdot.org/story/25/08/22/2059255/microsoft-reportedly-cuts-chinas-early-access-to-bug-disclosures-poc-exploit-code Source: Slashdot Title: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has modified its Microsoft Active Protections Program (MAPP) to restrict access to proof-of-concept exploit code for companies in certain countries, including China, to combat the leak of sensitive…
-
The Register: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code
Source URL: https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/ Source: The Register Title: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code Feedly Summary: Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month’s SharePoint zero-day attacks, which appear to be related to a leak…
-
The Register: Microsoft stays mum about M365 Copilot on-demand security bypass
Source URL: https://www.theregister.com/2025/08/20/microsoft_mum_about_m365_copilot/ Source: The Register Title: Microsoft stays mum about M365 Copilot on-demand security bypass Feedly Summary: Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.… AI Summary and Description: Yes Summary: The text highlights a concerning practice by…
-
Docker: The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap
Source URL: https://www.docker.com/blog/hardened-container-images-security-vendor-lock-in/ Source: Docker Title: The Supply Chain Paradox: When “Hardened” Images Become a Vendor Lock-in Trap Feedly Summary: The market for pre-hardened container images is experiencing explosive growth as security-conscious organizations pursue the ultimate efficiency: instant security with minimal operational overhead. The value proposition is undeniably compelling—hardened images with minimal dependencies promise security…
-
The Cloudflare Blog: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations
Source URL: https://blog.cloudflare.com/madeyoureset-an-http-2-vulnerability-thwarted-by-rapid-reset-mitigations/ Source: The Cloudflare Blog Title: MadeYouReset: An HTTP/2 vulnerability thwarted by Rapid Reset mitigations Feedly Summary: A new HTTP/2 denial-of-service (DoS) vulnerability called MadeYouReset was recently disclosed by security researchers. Cloudflare HTTP DDoS mitigation, already protects from MadeYouReset. AI Summary and Description: Yes Summary: The text discusses a newly identified HTTP/2 DoS…