Tag: injection
-
The Register: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries
Source URL: https://www.theregister.com/2025/01/19/openais_chatgpt_crawler_vulnerability/ Source: The Register Title: OpenAI’s ChatGPT crawler can be tricked into DDoSing sites, answering your queries Feedly Summary: The S in LLM stands for Security OpenAI’s ChatGPT crawler appears to be willing to initiate distributed denial of service (DDoS) attacks on arbitrary websites, a reported vulnerability the tech giant has yet to…
-
Simon Willison’s Weblog: Lessons From Red Teaming 100 Generative AI Products
Source URL: https://simonwillison.net/2025/Jan/18/lessons-from-red-teaming/ Source: Simon Willison’s Weblog Title: Lessons From Red Teaming 100 Generative AI Products Feedly Summary: Lessons From Red Teaming 100 Generative AI Products New paper from Microsoft describing their top eight lessons learned red teaming (deliberately seeking security vulnerabilities in) 100 different generative AI models and products over the past few years.…
-
CSA: AI and Compliance for the Mid-Market
Source URL: https://www.scrut.io/post/ai-and-compliance-for-the-mid-market Source: CSA Title: AI and Compliance for the Mid-Market Feedly Summary: AI Summary and Description: Yes **Summary:** The text emphasizes the urgent need for small and medium-sized businesses (SMBs) to adopt AI responsibly, given the potential cybersecurity vulnerabilities and evolving regulatory landscape associated with AI technologies. It outlines practical guidance and standards…
-
The Register: Just as your LLM once again goes off the rails, Cisco, Nvidia are at the door smiling
Source URL: https://www.theregister.com/2025/01/17/nvidia_cisco_ai_guardrails_security/ Source: The Register Title: Just as your LLM once again goes off the rails, Cisco, Nvidia are at the door smiling Feedly Summary: Some of you have apparently already botched chatbots or allowed ‘shadow AI’ to creep in Cisco and Nvidia have both recognized that as useful as today’s AI may be,…
-
Cisco Talos Blog: Find the helpers
Source URL: https://blog.talosintelligence.com/find-the-helpers/ Source: Cisco Talos Blog Title: Find the helpers Feedly Summary: Bill discusses how to find ‘the helpers’ and the importance of knowledge sharing. Plus, there’s a lot to talk about in our latest vulnerability roundup. AI Summary and Description: Yes Summary: This edition of the Threat Source newsletter emphasizes the importance of…
-
Alerts: CISA Adds One Known Exploited Vulnerability to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/01/16/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-50603 Aviatrix Controllers OS Command Injection Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose significant risks…
-
The Register: Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge
Source URL: https://www.theregister.com/2025/01/16/raspberry_pi_awards_prizes_for/ Source: The Register Title: Raspberry Pi hands out prizes to all in the RP2350 Hacking Challenge Feedly Summary: Power-induced glitches, lasers, and electromagnetic fields are all tools of the trade Raspberry Pi has given out prizes for extracting a secret value from the one-time-programmable (OTP) memory of the Raspberry Pi RP2350 microcontroller…