Tag: exploit
-
The Register: How nice that state-of-the-art LLMs reveal their reasoning … for miscreants to exploit
Source URL: https://www.theregister.com/2025/02/25/chain_of_thought_jailbreaking/ Source: The Register Title: How nice that state-of-the-art LLMs reveal their reasoning … for miscreants to exploit Feedly Summary: Blueprints shared for jail-breaking models that expose their chain-of-thought process Analysis AI models like OpenAI o1/o3, DeepSeek-R1, and Gemini 2.0 Flash Thinking can mimic human reasoning through a process called chain of thought.……
-
Hacker News: US asked to kick UK out of Five Eyes
Source URL: https://www.computerweekly.com/news/366619170/UK-accused-of-political-foreign-cyberattack-on-US-after-serving-secret-snooping-order-on-Apple Source: Hacker News Title: US asked to kick UK out of Five Eyes Feedly Summary: Comments AI Summary and Description: Yes Summary: The letter from US Congress highlights concerns over the UK’s push for Apple to compromise its Advanced Data Protection system, threatening US-UK intelligence sharing and raising alarms about potential exploitation…
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/24/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2017-3066 Adobe ColdFusion Deserialization Vulnerability CVE-2024-20953 Oracle Agile Product Lifecycle Management (PLM) Deserialization Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…
-
Slashdot: Google To Eliminate SMS Authentication in Gmail, Implement QR Codes
Source URL: https://tech.slashdot.org/story/25/02/24/1442246/google-to-eliminate-sms-authentication-in-gmail-implement-qr-codes?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google To Eliminate SMS Authentication in Gmail, Implement QR Codes Feedly Summary: AI Summary and Description: Yes Summary: Google is transitioning away from SMS verification codes for Gmail authentication, opting for QR codes instead. This shift addresses significant vulnerabilities related to SMS-based authentication, such as phishing and fraud, thereby…
-
Hacker News: Grok 3 is highly vulnerable to indirect prompt injection
Source URL: https://simonwillison.net/2025/Feb/23/grok-3-indirect-prompt-injection/ Source: Hacker News Title: Grok 3 is highly vulnerable to indirect prompt injection Feedly Summary: Comments AI Summary and Description: Yes Summary: The text highlights significant vulnerabilities in xAI’s Grok 3 related to indirect prompt injection attacks, especially in the context of its operation on Twitter (X). This raises critical security concerns…
-
Schneier on Security: More Research Showing AI Breaking the Rules
Source URL: https://www.schneier.com/blog/archives/2025/02/more-research-showing-ai-breaking-the-rules.html Source: Schneier on Security Title: More Research Showing AI Breaking the Rules Feedly Summary: These researchers had LLMs play chess against better opponents. When they couldn’t win, they sometimes resorted to cheating. Researchers gave the models a seemingly impossible task: to win against Stockfish, which is one of the strongest chess engines…