Tag: exploit
-
Schneier on Security: Abusing Notion’s AI Agent for Data Theft
Source URL: https://www.schneier.com/blog/archives/2025/09/abusing-notions-ai-agent-for-data-theft.html Source: Schneier on Security Title: Abusing Notion’s AI Agent for Data Theft Feedly Summary: Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection. First, the trifecta: The lethal trifecta of capabilities is: Access to your private…
-
OpenAI : Combating online child sexual exploitation & abuse
Source URL: https://openai.com/index/combating-online-child-sexual-exploitation-abuse Source: OpenAI Title: Combating online child sexual exploitation & abuse Feedly Summary: Discover how OpenAI combats online child sexual exploitation and abuse with strict usage policies, advanced detection tools, and industry collaboration to block, report, and prevent AI misuse. AI Summary and Description: Yes Summary: The text discusses OpenAI’s initiatives to combat…
-
Wired: Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say
Source URL: https://www.wired.com/story/tile-tracking-tags-can-be-exploited-by-tech-savvy-stalkers-researchers-say/ Source: Wired Title: Tile Tracking Tags Can Be Exploited by Tech-Savvy Stalkers, Researchers Say Feedly Summary: A team of researchers found that, by not encrypting the data broadcast by Tile tags, users could be vulnerable to having their location information exposed to malicious actors. AI Summary and Description: Yes Summary: The text…
-
The Register: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign
Source URL: https://www.theregister.com/2025/09/27/rednovember_chinese_espionage/ Source: The Register Title: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign Feedly Summary: Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the…
-
Simon Willison’s Weblog: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce
Source URL: https://simonwillison.net/2025/Sep/26/agentforce/#atom-everything Source: Simon Willison’s Weblog Title: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce Feedly Summary: ForcedLeak: AI Agent risks exposed in Salesforce AgentForce Classic lethal trifecta image exfiltration bug reported against Salesforce AgentForce by Sasi Levi and Noma Security. Here the malicious instructions come in via the Salesforce Web-to-Lead feature. When a…
-
Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days
Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/ Source: Unit 42 Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.…