DNS – Page 2 – Experimental News Clipping Site

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

Aug 19, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

Simon Willison’s Weblog: The Summer of Johann: prompt injections as far as the eye can see

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/15/the-summer-of-johann/#atom-everything Source: Simon Willison’s Weblog Title: The Summer of Johann: prompt injections as far as the eye can see Feedly Summary: Independent AI researcher Johann Rehberger has had an absurdly busy August. Under the heading The Month of AI Bugs he has been publishing one report per day across an array of different…

Cloud Blog: Designing a multi-tenant GKE platform for Yahoo Mail’s migration journey

Aug 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/containers-kubernetes/understanding-yahoo-mails-multi-tenant-gke-platform-design/ Source: Cloud Blog Title: Designing a multi-tenant GKE platform for Yahoo Mail’s migration journey Feedly Summary: Yahoo is in the midst of a multi-year journey to migrate its renowned Yahoo Mail application onto Google Cloud. With more than 100 services and middleware components in the application, Yahoo Mail is primarily taking a…

Embrace The Red: Claude Code: Data Exfiltration with DNS Requests

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/claude-code-exfiltration-via-dns-requests/ Source: Embrace The Red Title: Claude Code: Data Exfiltration with DNS Requests Feedly Summary: Today we cover Claude Code and a high severity vulnerability that Anthropic fixed in early June. The vulnerability allowed an attacker to hijack Claude Code via indirect prompt injection and leak sensitive information from the developer’s machine, e.g.…

Simon Willison’s Weblog: ChatGPT agent’s user-agent

Aug 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/4/chatgpt-agents-user-agent/#atom-everything Source: Simon Willison’s Weblog Title: ChatGPT agent’s user-agent Feedly Summary: I was exploring how ChatGPT agent works today. I learned some interesting things about how it exposes its identity through HTTP headers, then made a huge blunder in thinking it was leaking its URLs to Bingbot and Yandex… but it turned out…

Simon Willison’s Weblog: ChatGPT agent triggers crawls from Bingbot and Yandex

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/4/chatgpt-agents-agent/#atom-everything Source: Simon Willison’s Weblog Title: ChatGPT agent triggers crawls from Bingbot and Yandex Feedly Summary: ChatGPT agent is the recently released (and confusingly named) ChatGPT feature that provides browser automation combined with terminal access as a feature of ChatGPT – replacing their previous Operator research preview which is scheduled for deprecation on…

The Cloudflare Blog: Vulnerability disclosure on SSL for SaaS v1 (Managed CNAME)

Aug 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.cloudflare.com/vulnerability-disclosure-on-ssl-for-saas-v1-managed-cname/ Source: The Cloudflare Blog Title: Vulnerability disclosure on SSL for SaaS v1 (Managed CNAME) Feedly Summary: An upcoming vulnerability disclosure in Cloudflare’s SSL for SaaSv1 is detailed, explaining the steps we’ve taken towards deprecation. AI Summary and Description: Yes Summary: The text discusses a vulnerability discovered in Cloudflare’s SSL for SaaS v1…

Slashdot: Cisco Donates the AGNTCY Project to the Linux Foundation

Jul 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://linux.slashdot.org/story/25/07/29/2053245/cisco-donates-the-agntcy-project-to-the-linux-foundation?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Cisco Donates the AGNTCY Project to the Linux Foundation Feedly Summary: AI Summary and Description: Yes Summary: Cisco’s donation of its AGNTCY initiative to the Linux Foundation seeks to establish an open-standard “Internet of Agents” to enhance interoperability among AI agents from different vendors. This framework addresses several key…

CSA: Homoglyph Attacks & Domain Squatting

Jul 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloudsecurityalliance.org/articles/homoglyph-attacks-domain-squatting-the-hidden-risk-to-your-brand Source: CSA Title: Homoglyph Attacks & Domain Squatting Feedly Summary: AI Summary and Description: Yes Summary: The text highlights the escalating threat posed by homoglyph-based domain squatting, emphasizing its potential impact on brand trust and cloud security. It underscores the need for proactive DNS posture management to detect and mitigate these risks,…

Cloud Blog: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944

Jul 23, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/defending-vsphere-from-unc3944/ Source: Cloud Blog Title: From Help Desk to Hypervisor: Defending Your VMware vSphere Estate from UNC3944 Feedly Summary: Introduction In mid 2025, Google Threat Intelligence Group (GITG) identified a sophisticated and aggressive cyber campaign targeting multiple industries, including retail, airline, and insurance. This was the work of UNC3944, a financially motivated threat…

Tag: DNS