exfiltration – Experimental News Clipping Site

Cloud Blog: Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign

Oct 9, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/oracle-ebusiness-suite-zero-day-exploitation/ Source: Cloud Blog Title: Oracle E-Business Suite Zero-Day Exploited in Widespread Extortion Campaign Feedly Summary: Written by: Peter Ukhanov, Genevieve Stark, Zander Work, Ashley Pearson, Josh Murchie, Austin Larsen Introduction Beginning Sept. 29, 2025, Google Threat Intelligence Group (GTIG) and Mandiant began tracking a new, large-scale extortion campaign by a threat actor…

Cisco Talos Blog: Velociraptor leveraged in ransomware attacks

Oct 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/velociraptor-leveraged-in-ransomware-attacks/ Source: Cisco Talos Blog Title: Velociraptor leveraged in ransomware attacks Feedly Summary: Cisco Talos has confirmed that ransomware operators are leveraging Velociraptor, an open-source digital forensics and incident response (DFIR) tool that had not previously been definitively tied to ransomware incidents. We assess with moderate confidence that this activity can be attributed to…

Microsoft Security Blog: Disrupting threats targeting Microsoft Teams

Oct 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/07/disrupting-threats-targeting-microsoft-teams/ Source: Microsoft Security Blog Title: Disrupting threats targeting Microsoft Teams Feedly Summary: Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps,…

Slashdot: Redis Warns of Critical Flaw Impacting Thousands of Instances

Oct 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/10/06/222222/redis-warns-of-critical-flaw-impacting-thousands-of-instances?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Redis Warns of Critical Flaw Impacting Thousands of Instances Feedly Summary: AI Summary and Description: Yes Summary: The Redis security team has issued critical patches for a vulnerability (CVE-2025-49844) that could allow remote code execution on a significant number of instances. This vulnerability, stemming from a long-standing issue in…

Microsoft Security Blog: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability

Oct 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/06/investigating-active-exploitation-of-cve-2025-10035-goanywhere-managed-file-transfer-vulnerability/ Source: Microsoft Security Blog Title: Investigating active exploitation of CVE-2025-10035 GoAnywhere Managed File Transfer vulnerability Feedly Summary: Storm-1175, a financially motivated actor known for deploying Medusa ransomware and exploiting public-facing applications for initial access, was observed exploiting the deserialization vulnerability in GoAnywhere MFT’s License Servlet, tracked as CVE-2025-10035. We are publishing this…

Simon Willison’s Weblog: Designing agentic loops

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Sep/30/designing-agentic-loops/ Source: Simon Willison’s Weblog Title: Designing agentic loops Feedly Summary: Coding agents like Anthropic’s Claude Code and OpenAI’s Codex CLI represent a genuine step change in how useful LLMs can be for producing working code. These agents can now directly exercise the code they are writing, correct errors, dig through existing implementation…

Cloud Blog: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations/ Source: Cloud Blog Title: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations Feedly Summary: Written by: Omar ElAhdan, Matthew McWhirt, Michael Rudden, Aswad Robinson, Bhavesh Dhake, Laith Al Background Protecting software-as-a-service (SaaS) platforms and applications requires a comprehensive security strategy. Drawing…

Schneier on Security: Abusing Notion’s AI Agent for Data Theft

Sep 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/09/abusing-notions-ai-agent-for-data-theft.html Source: Schneier on Security Title: Abusing Notion’s AI Agent for Data Theft Feedly Summary: Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private…

Simon Willison’s Weblog: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Sep/26/agentforce/#atom-everything Source: Simon Willison’s Weblog Title: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce Feedly Summary: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce Classic lethal trifecta image exfiltration bug reported against Salesforce AgentForce by Sasi Levi and Noma Security. Here the malicious instructions come in via the Salesforce Web-to-Lead feature. When a…

Simon Willison’s Weblog: How to stop AI’s “lethal trifecta”

Sep 26, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Sep/26/how-to-stop-ais-lethal-trifecta/ Source: Simon Willison’s Weblog Title: How to stop AI’s “lethal trifecta” Feedly Summary: How to stop AI’s “lethal trifecta” This is the second mention of the lethal trifecta in the Economist in just the last week! Their earlier coverage was Why AI systems may never be secure on September 22nd – I…

Tag: exfiltration