Experimental News Clipping Site

Tag: information leakage

  • The Register: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/02/exposed_ollama_servers_insecure_research/ Source: The Register Title: In the rush to adopt hot new tech, security is often forgotten. AI is no exception Feedly Summary: Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks Cisco’s Talos security research team has found over 1,100 Ollama servers exposed to the public internet,…

  • Embrace The Red: How Devin AI Can Leak Your Secrets Via Multiple Means

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/devin-can-leak-your-secrets/ Source: Embrace The Red Title: How Devin AI Can Leak Your Secrets Via Multiple Means Feedly Summary: In this post we show how an attacker can make Devin send sensitive information to third-party servers, via multiple means. This post assumes that you read the first post about Devin as well. But here…

  • Cloud Blog: Cloud CISO Perspectives: How Google secures AI Agents

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-how-google-secures-ai-agents/ Source: Cloud Blog Title: Cloud CISO Perspectives: How Google secures AI Agents Feedly Summary: Welcome to the first Cloud CISO Perspectives for June 2025. Today, Anton Chuvakin, security advisor for Google Cloud’s Office of the CISO, discusses a new Google report on securing AI agents, and the new security paradigm they demand.As…

  • Simon Willison’s Weblog: Using pip to install a Large Language Model that’s under 100MB

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Feb/7/pip-install-llm-smollm2/ Source: Simon Willison’s Weblog Title: Using pip to install a Large Language Model that’s under 100MB Feedly Summary: I just released llm-smollm2, a new plugin for LLM that bundles a quantized copy of the SmolLM2-135M-Instruct LLM inside of the Python package. This means you can now pip install a full LLM! If…

  • Hacker News: New Speculative Attacks on Apple CPUs

    by

    Kurt Seifried
    in

    Source URL: https://predictors.fail/ Source: Hacker News Title: New Speculative Attacks on Apple CPUs Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses side-channel attacks, which exploit hardware-level vulnerabilities to extract sensitive information, highlighting the risks associated with shared CPU resources. This is particularly relevant for security professionals focused on hardware security and…

  • Hacker News: Susctl CVE-2024-54507: A particularly ‘sus’ sysctl in the XNU kernel

    by

    Kurt Seifried
    in

    Source URL: https://jprx.io/cve-2024-54507/ Source: Hacker News Title: Susctl CVE-2024-54507: A particularly ‘sus’ sysctl in the XNU kernel Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a security vulnerability (CVE-2024-54507) within the XNU kernel related to the sysctl interface, leading to an out-of-bounds read. This provides an important case study for software…