machine – Page 13 – Experimental News Clipping Site

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

Cloud Blog: A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/analyzing-cornflake-v3-backdoor/ Source: Cloud Blog Title: A Cereal Offender: Analyzing the CORNFLAKE.V3 Backdoor Feedly Summary: Written by: Marco Galli Welcome to the Frontline Bulletin Series Straight from Mandiant Threat Defense, the “Frontline Bulletin" series brings you the latest on the most intriguing compromises we are seeing in the wild right now, equipping our community…

Embrace The Red: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-interprets-hidden-instructions/ Source: Embrace The Red Title: Amazon Q Developer for VS Code Vulnerable to Invisible Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a very popular coding agent, with over 1 million downloads. In previous posts we showed how prompt injection vulnerabilities in Amazon Q could lead…

Schneier on Security: Subverting AIOps Systems Through Poisoned Input Data

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html Source: Schneier on Security Title: Subverting AIOps Systems Through Poisoned Input Data Feedly Summary: In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts,…

Cloud Blog: Rightsizing LLM Serving on vLLM for GPUs and TPUs

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/developers-practitioners/rightsizing-llm-serving-on-vllm-for-gpus-and-tpus/ Source: Cloud Blog Title: Rightsizing LLM Serving on vLLM for GPUs and TPUs Feedly Summary: Additional contributors include Hossein Sarshar and Ashish Narasimham. Large Language Models (LLMs) are revolutionizing how we interact with technology, but serving these powerful models efficiently can be a challenge. vLLM has rapidly become the primary choice for…

Cloud Blog: Announcing new capabilities for enabling defenders and securing AI innovation

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/security-summit-2025-enabling-defenders-and-securing-ai-innovation/ Source: Cloud Blog Title: Announcing new capabilities for enabling defenders and securing AI innovation Feedly Summary: AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in…

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

Aug 19, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

Cloud Blog: Google is a Leader and positioned furthest in vision in the 2025 Gartner® Magic Quadrant™ for Conversational AI Platforms

Aug 18, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/ai-machine-learning/gartner-magic-quadrant-for-conversational-ai-platforms/ Source: Cloud Blog Title: Google is a Leader and positioned furthest in vision in the 2025 Gartner® Magic Quadrant™ for Conversational AI Platforms Feedly Summary: Google has been named a Leader in the 2025 Gartner® Magic Quadrant™ for Conversational AI Platforms (CAIP) report, and positioned furthest in vision among all vendors evaluated.…

Simon Willison’s Weblog: The Summer of Johann: prompt injections as far as the eye can see

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/15/the-summer-of-johann/#atom-everything Source: Simon Willison’s Weblog Title: The Summer of Johann: prompt injections as far as the eye can see Feedly Summary: Independent AI researcher Johann Rehberger has had an absurdly busy August. Under the heading The Month of AI Bugs he has been publishing one report per day across an array of different…

Cloud Blog: Scalable AI starts with storage: Guide to model artifact strategies

Aug 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/developers-practitioners/scalable-ai-starts-with-storage-guide-to-model-artifact-strategies/ Source: Cloud Blog Title: Scalable AI starts with storage: Guide to model artifact strategies Feedly Summary: Managing large model artifacts is a common bottleneck in MLOps. Baking models into container images leads to slow, monolithic deployments, and downloading them at startup introduces significant delays. This guide explores a better way: decoupling your…

Tag: machine