Tag: Private Data
-
Bulletins: Vulnerability Summary for the Week of June 9, 2025
Source URL: https://www.cisa.gov/news-events/bulletins/sb25-167 Source: Bulletins Title: Vulnerability Summary for the Week of June 9, 2025 Feedly Summary: High Vulnerabilities PrimaryVendor — Product Description Published CVSS Score Source Info Acer–ControlCenter Acer ControlCenter contains Remote Code Execution vulnerability. The program exposes a Windows Named Pipe that uses a custom protocol to invoke internal functions. However, this Named…
-
Simon Willison’s Weblog: The lethal trifecta for AI agents: private data, untrusted content, and external communication
Source URL: https://simonwillison.net/2025/Jun/16/the-lethal-trifecta/#atom-everything Source: Simon Willison’s Weblog Title: The lethal trifecta for AI agents: private data, untrusted content, and external communication Feedly Summary: If you are a user of LLM systems that use tools (you can call them “AI agents" if you like) it is critically important that you understand the risk of combining tools…
-
Simon Willison’s Weblog: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot
Source URL: https://simonwillison.net/2025/Jun/11/echoleak/ Source: Simon Willison’s Weblog Title: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Feedly Summary: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is…
-
Wired: Senators Warn DOGE’s Social Security Administration Work Could Break Benefits
Source URL: https://www.wired.com/story/doge-social-security-administration-benefits/ Source: Wired Title: Senators Warn DOGE’s Social Security Administration Work Could Break Benefits Feedly Summary: “This rush job risks people’s private data, creates security gaps, and could result in catastrophic cuts to all benefits," Senator Elizabeth Warren says of DOGE’s plans to “hastily upgrade” SSA IT systems. AI Summary and Description: Yes…
-
Simon Willison’s Weblog: The last year six months in LLMs, illustrated by pelicans on bicycles
Source URL: https://simonwillison.net/2025/Jun/6/six-months-in-llms/#atom-everything Source: Simon Willison’s Weblog Title: The last year six months in LLMs, illustrated by pelicans on bicycles Feedly Summary: I presented an invited keynote at the AI Engineer World’s Fair in San Francisco this week. This is my third time speaking at the event – here’s my talks from October 2023 and…
-
Cloud Blog: Vertex AI Studio, redesigned: Your source for generative AI media models across all modalities
Source URL: https://cloud.google.com/blog/products/ai-machine-learning/vertex-ai-studio-redesigned/ Source: Cloud Blog Title: Vertex AI Studio, redesigned: Your source for generative AI media models across all modalities Feedly Summary: Google Cloud’s Vertex AI platform makes it easy to experiment with and customize over 200 advanced foundation models – like the latest Google Gemini models, and third-party partner models such as Meta’s…
-
Simon Willison’s Weblog: GitHub MCP Exploited: Accessing private repositories via MCP
Source URL: https://simonwillison.net/2025/May/26/github-mcp-exploited/#atom-everything Source: Simon Willison’s Weblog Title: GitHub MCP Exploited: Accessing private repositories via MCP Feedly Summary: GitHub MCP Exploited: Accessing private repositories via MCP GitHub’s official MCP server grants LLMs a whole host of new abilities, including being able to read and issues in repositories the user has access to and submit new…
-
Simon Willison’s Weblog: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft
Source URL: https://simonwillison.net/2025/May/23/remote-prompt-injection-in-gitlab-duo/ Source: Simon Willison’s Weblog Title: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Feedly Summary: Remote Prompt Injection in GitLab Duo Leads to Source Code Theft Yet another example of the classic Markdown image exfiltration attack, this time affecting GitLab Duo – GitLab’s chatbot. Omer Mayraz reports on how…
-
Cloud Blog: Google Cloud and Spring AI 1.0
Source URL: https://cloud.google.com/blog/topics/developers-practitioners/google-cloud-and-spring-ai-10/ Source: Cloud Blog Title: Google Cloud and Spring AI 1.0 Feedly Summary: A big thank you to Fran Hinkelmann and Aaron Wanjala for their contributions and support in making this blog post happen.After a period of intense development, Spring AI 1.0 has officially landed, bringing a robust and comprehensive solution for AI…
-
Simon Willison’s Weblog: Claude feature drop
Source URL: https://simonwillison.net/2025/May/2/claude-search/ Source: Simon Willison’s Weblog Title: Claude feature drop Feedly Summary: It’s not in their release notes yet but Anthropic pushed some big new features today. Alex Albert: We’ve improved web search and rolled it out worldwide to all paid plans. Web search now combines light Research functionality, allowing Claude to automatically adjust…