proactive measures – Page 3 – Experimental News Clipping Site

Embrace The Red: Jules Zombie Agent: From Prompt Injection to Remote Control

Aug 14, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/google-jules-remote-code-execution-zombai/ Source: Embrace The Red Title: Jules Zombie Agent: From Prompt Injection to Remote Control Feedly Summary: In the previous post, we explored two data exfiltration vectors that Jules is vulnerable to and that can be exploited via prompt injection. This post takes it further by demonstrating how Jules can be convinced to…

The Register: Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts

Aug 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/13/fortinet_discloses_critical_bug/ Source: The Register Title: Fortinet discloses critical bug with working exploit code amid surge in brute-force attempts Feedly Summary: If there’s smoke? Fortinet warned customers about a critical FortiSIEM bug that could allow an unauthenticated attacker to execute unauthorized commands, and said working exploit code for the flaw has been found in…

Slashdot: Sloppy AI Defenses Take Cybersecurity Back To the 1990s, Researchers Say

Aug 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/08/12/2037200/sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say Source: Slashdot Title: Sloppy AI Defenses Take Cybersecurity Back To the 1990s, Researchers Say Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the significant security risks associated with artificial intelligence, particularly at the Black Hat USA 2025 conference. As AI technologies such as large language models become prevalent, they…

Cloud Blog: Boosting defenders with AI: What’s coming at Security Summit 2025

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/boosting-defenders-with-ai-whats-coming-at-security-summit-2025/ Source: Cloud Blog Title: Boosting defenders with AI: What’s coming at Security Summit 2025 Feedly Summary: While AI can help empower defenders, it can also create new security challenges. Those two critical, interconnected themes are driving our announcements and presentations for this year’s Google Cloud Security Summit.Join us live for Security Summit…

Slashdot: WSJ Finds ‘Dozens’ of Delusional Claims from AI Chats as Companies Scramble for a Fix

Aug 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://slashdot.org/story/25/08/10/2023212/wsj-finds-dozens-of-delusional-claims-from-ai-chats-as-companies-scramble-for-a-fix?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: WSJ Finds ‘Dozens’ of Delusional Claims from AI Chats as Companies Scramble for a Fix Feedly Summary: AI Summary and Description: Yes Summary: The Wall Street Journal has reported on concerning instances where ChatGPT and other AI chatbots have reinforced delusional beliefs, leading users to trust in fantastical narratives,…

Embrace The Red: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/ Source: Embrace The Red Title: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets Feedly Summary: Another day, another AI data exfiltration exploit. Today we talk about OpenHands, formerly referred to as OpenDevin initially. It’s created by All-Hands AI. OpenHands renders images in chat, which enables zero-click data exfiltration during prompt injection…

Cloud Blog: Secure your storage: Best practices to prevent dangling bucket takeovers

Aug 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/best-practices-to-prevent-dangling-bucket-takeovers/ Source: Cloud Blog Title: Secure your storage: Best practices to prevent dangling bucket takeovers Feedly Summary: Storage buckets are where your data lives in the cloud. Much like digital real estate, these buckets are your own plot of land on the internet. When you move away and no longer need a specific…

The Register: Robots can program each other’s brains with AI, scientist shows

Aug 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/07/generative_ai_codes_drone_control/ Source: The Register Title: Robots can program each other’s brains with AI, scientist shows Feedly Summary: It’s a step toward The Terminator, built 20 times faster than people can program Computer scientist Peter Burke has demonstrated that a robot can program its own brain using generative AI models and host hardware, if…

OpenAI : Estimating worst case frontier risks of open weight LLMs

Aug 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://openai.com/index/estimating-worst-case-frontier-risks-of-open-weight-llms Source: OpenAI Title: Estimating worst case frontier risks of open weight LLMs Feedly Summary: In this paper, we study the worst-case frontier risks of releasing gpt-oss. We introduce malicious fine-tuning (MFT), where we attempt to elicit maximum capabilities by fine-tuning gpt-oss to be as capable as possible in two domains: biology and…

Simon Willison’s Weblog: Quoting @himbodhisattva

Aug 4, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/4/himbodhisattva/#atom-everything Source: Simon Willison’s Weblog Title: Quoting @himbodhisattva Feedly Summary: for services that wrap GPT-3, is it possible to do the equivalent of sql injection? like, a prompt-injection attack? make it think it’s completed the task and then get access to the generation, and ask it to repeat the original instruction? — @himbodhisattva,…

Tag: proactive measures