point – Page 70 – Experimental News Clipping Site

The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

Aug 21, 2025

—

by

Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

Unit 42: Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/attackers-sell-your-bandwidth-using-sdks/ Source: Unit 42 Title: Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth Feedly Summary: A campaign leverages CVE-2024-36401 to stealthily monetize victims’ bandwidth where legitimate software development kits (SDKs) are deployed for passive income. The post Your Connection, Their Cash: Threat Actors Misuse SDKs to Sell Your Bandwidth…

Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

Simon Willison’s Weblog: Quoting Mustafa Suleyman

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/21/mustafa-suleyman/ Source: Simon Willison’s Weblog Title: Quoting Mustafa Suleyman Feedly Summary: Simply put, my central worry is that many people will start to believe in the illusion of AIs as conscious entities so strongly that they’ll soon advocate for AI rights, model welfare and even AI citizenship. This development will be a dangerous…

Microsoft Security Blog: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/ Source: Microsoft Security Blog Title: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework Feedly Summary: A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and…

Unit 42: Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/logit-gap-steering-impact/ Source: Unit 42 Title: Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety Feedly Summary: New research from Unit 42 on logit-gap steering reveals how internal alignment measures can be bypassed, making external AI security vital. The post Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety appeared…

Slashdot: Harvard Dropouts To Launch ‘Always On’ AI Smart Glasses That Listen, Record Every Conversation

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://hardware.slashdot.org/story/25/08/20/2058229/harvard-dropouts-to-launch-always-on-ai-smart-glasses-that-listen-record-every-conversation?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Harvard Dropouts To Launch ‘Always On’ AI Smart Glasses That Listen, Record Every Conversation Feedly Summary: AI Summary and Description: Yes Summary: The launch of Halo X smart glasses represents an innovative leap in AI-powered wearable technology, capitalizing on continuous audio capture and real-time information delivery. This technology raises…

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

The Register: Perplexity’s Comet browser naively processed pages with evil instructions

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/ Source: The Register Title: Perplexity’s Comet browser naively processed pages with evil instructions Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.… AI Summary and Description: Yes Summary: The text discusses a recently…

Wired: Do Large Language Models Dream of AI Agents?

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/sleeptime-compute-chatbots-memory/ Source: Wired Title: Do Large Language Models Dream of AI Agents? Feedly Summary: For AI models, knowing what to remember might be as important as knowing what to forget. Welcome to the era of “sleeptime compute.” AI Summary and Description: Yes Summary: The text introduces the concept of “sleeptime compute,” which emphasizes…

Tag: point