Experimental News Clipping Site

Tag: injection

  • Cloud Blog: Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/china-nexus-espionage-targets-juniper-routers/ Source: Cloud Blog Title: Ghost in the Router: China-Nexus Espionage Actor UNC3886 Targets Juniper Routers Feedly Summary: Written by: Lukasz Lamparski, Punsaen Boonyakarn, Shawn Chew, Frank Tse, Jakub Jozwiak, Mathew Potaczek, Logeswaran Nadarajan, Nick Harbour, Mustafa Nasser Introduction In mid 2024, Mandiant discovered threat actors deployed custom backdoors on Juniper Networks’ Junos…

  • Simon Willison’s Weblog: OpenAI API: Responses vs. Chat Completions

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Mar/11/responses-vs-chat-completions/#atom-everything Source: Simon Willison’s Weblog Title: OpenAI API: Responses vs. Chat Completions Feedly Summary: OpenAI API: Responses vs. Chat Completions OpenAI released a bunch of new API platform features this morning under the headline “New tools for building agents" (their somewhat mushy interpretation of "agents" here is "systems that independently accomplish tasks on…

  • The Register: MINJA sneak attack poisons AI models for other chatbot users

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/11/minja_attack_poisons_ai_model_memory/ Source: The Register Title: MINJA sneak attack poisons AI models for other chatbot users Feedly Summary: Nothing like an OpenAI-powered agent leaking data or getting confused over what someone else whispered to it AI models with memory aim to enhance user interactions by recalling past engagements. However, this feature opens the door…

  • Alerts: CISA Adds Five Known Exploited Vulnerabilities to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/03/10/cisa-adds-five-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Five Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-25181 Advantive VeraCore SQL Injection Vulnerability CVE-2024-57968 Advantive VeraCore Unrestricted File Upload Vulnerability CVE-2024-13159 Ivanti Endpoint Manager (EPM) Absolute Path Traversal Vulnerability CVE-2024-13160 Ivanti…

  • Cloud Blog: Unraveling Time: A Deep Dive into TTD Instruction Emulation Bugs

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/topics/threat-intelligence/ttd-instruction-emulation-bugs/ Source: Cloud Blog Title: Unraveling Time: A Deep Dive into TTD Instruction Emulation Bugs Feedly Summary: Written by: Dhanesh Kizhakkinan, Nino Isakovic Executive Summary This blog post presents an in-depth exploration of Microsoft’s Time Travel Debugging (TTD) framework, a powerful record-and-replay debugging framework for Windows user-mode applications. TTD relies heavily on accurate…

  • Slashdot: Undocumented ‘Backdoor’ Found In Chinese Bluetooth Chip Used By a Billion Devices

    by

    Kurt Seifried
    in

    Source URL: https://hardware.slashdot.org/story/25/03/08/2027216/undocumented-backdoor-found-in-chinese-bluetooth-chip-used-by-a-billion-devices?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Undocumented ‘Backdoor’ Found In Chinese Bluetooth Chip Used By a Billion Devices Feedly Summary: AI Summary and Description: Yes Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip by researchers from Tarlogic Security highlights significant security vulnerabilities in IoT devices. This backdoor could facilitate various…

  • Hacker News: Undocumented backdoor found in Bluetooth chip used by a billion devices

    by

    Kurt Seifried
    in

    Source URL: https://www.bleepingcomputer.com/news/security/undocumented-backdoor-found-in-bluetooth-chip-used-by-a-billion-devices/ Source: Hacker News Title: Undocumented backdoor found in Bluetooth chip used by a billion devices Feedly Summary: Comments AI Summary and Description: Yes Summary: The discovery of an undocumented backdoor in the widely used ESP32 microchip presents significant security risks, especially in IoT devices. This backdoor allows for device spoofing, unauthorized access,…

  • Simon Willison’s Weblog: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Mar/8/delaying-personalized-siri/#atom-everything Source: Simon Willison’s Weblog Title: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features Feedly Summary: Apple Is Delaying the ‘More Personalized Siri’ Apple Intelligence Features Apple told John Gruber (and other Apple press) this about the new “personalized" Siri: It’s going to take us longer than we thought to deliver…

  • The Register: Cybereason CEO leaves after months of boardroom blowups

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/06/cybereason_ceo_leaves/ Source: The Register Title: Cybereason CEO leaves after months of boardroom blowups Feedly Summary: Complaint alleges 13 funding proposals foundered amid battle for control Eric Gan is no longer CEO of AI security biz Cybereason after what appears to have been a protracted and unpleasant fight with investors, including the SoftBank Vision…

  • Cloud Blog: Announcing AI Protection: Security for the AI era

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/identity-security/introducing-ai-protection-security-for-the-ai-era/ Source: Cloud Blog Title: Announcing AI Protection: Security for the AI era Feedly Summary: As AI use increases, security remains a top concern, and we often hear that organizations are worried about risks that can come with rapid adoption. Google Cloud is committed to helping our customers confidently build and deploy AI…