Experimental News Clipping Site

Tag: issue

  • The Cloudflare Blog: Cloudflare incident on August 21, 2025

    by

    Kurt Seifried
    in

    Source URL: https://blog.cloudflare.com/cloudflare-incident-on-august-21-2025/ Source: The Cloudflare Blog Title: Cloudflare incident on August 21, 2025 Feedly Summary: On August 21, 2025, an influx of traffic directed toward clients hosted in AWS us-east-1 caused severe congestion on links between Cloudflare and us-east-1. In this post, we explain the details. AI Summary and Description: Yes Summary: The incident…

  • The Register: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/microsoft_cuts_chinas_early_access/ Source: The Register Title: Microsoft reportedly cuts China’s early access to bug disclosures, PoC exploit code Feedly Summary: Better late than never after SharePoint assault? Microsoft has reportedly stopped giving Chinese companies proof-of-concept exploit code for soon-to-be-disclosed vulnerabilities following last month’s SharePoint zero-day attacks, which appear to be related to a leak…

  • The Register: Honey, I shrunk the image and now I’m pwned

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/google_gemini_image_scaling_attack/ Source: The Register Title: Honey, I shrunk the image and now I’m pwned Feedly Summary: Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge…

  • Microsoft Security Blog: Think before you Click(Fix): Analyzing the ClickFix social engineering technique

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/ Source: Microsoft Security Blog Title: Think before you Click(Fix): Analyzing the ClickFix social engineering technique Feedly Summary: The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious…

  • Cloud Blog: Intelligent code conversion: Databricks Spark SQL to BigQuery SQL via Gemini

    by

    Kurt Seifried
    in

    Source URL: https://cloud.google.com/blog/products/data-analytics/automate-sql-translation-databricks-to-bigquery-with-gemini/ Source: Cloud Blog Title: Intelligent code conversion: Databricks Spark SQL to BigQuery SQL via Gemini Feedly Summary: As data platforms evolve and businesses diversify their cloud ecosystems, the need to migrate SQL workloads between engines is becoming increasingly common. Recently, I had the opportunity to work on translating a set of Databricks…

  • The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

  • Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

  • The Register: Microsoft stays mum about M365 Copilot on-demand security bypass

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/20/microsoft_mum_about_m365_copilot/ Source: The Register Title: Microsoft stays mum about M365 Copilot on-demand security bypass Feedly Summary: Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.… AI Summary and Description: Yes Summary: The text highlights a concerning practice by…

  • Slashdot: Harvard Dropouts To Launch ‘Always On’ AI Smart Glasses That Listen, Record Every Conversation

    by

    Kurt Seifried
    in

    Source URL: https://hardware.slashdot.org/story/25/08/20/2058229/harvard-dropouts-to-launch-always-on-ai-smart-glasses-that-listen-record-every-conversation?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Harvard Dropouts To Launch ‘Always On’ AI Smart Glasses That Listen, Record Every Conversation Feedly Summary: AI Summary and Description: Yes Summary: The launch of Halo X smart glasses represents an innovative leap in AI-powered wearable technology, capitalizing on continuous audio capture and real-time information delivery. This technology raises…