Tag: prompt

—

by

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-remote-code-execution/ Source: Embrace The Red Title: Amazon Q Developer: Remote Code Execution with Prompt Injection Feedly Summary: The Amazon Q Developer VS Code Extension (Amazon Q) is a popular coding agent, with over 1 million downloads. The extension is vulnerable to indirect prompt injection, and in this post we discuss a vulnerability that…

Cloud Blog: Rightsizing LLM Serving on vLLM for GPUs and TPUs

—

by

Source URL: https://cloud.google.com/blog/topics/developers-practitioners/rightsizing-llm-serving-on-vllm-for-gpus-and-tpus/ Source: Cloud Blog Title: Rightsizing LLM Serving on vLLM for GPUs and TPUs Feedly Summary: Additional contributors include Hossein Sarshar and Ashish Narasimham. Large Language Models (LLMs) are revolutionizing how we interact with technology, but serving these powerful models efficiently can be a challenge. vLLM has rapidly become the primary choice for…

Cloud Blog: Announcing new capabilities for enabling defenders and securing AI innovation

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/security-summit-2025-enabling-defenders-and-securing-ai-innovation/ Source: Cloud Blog Title: Announcing new capabilities for enabling defenders and securing AI innovation Feedly Summary: AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in…

Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection

—

by

Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…

Simon Willison’s Weblog: Google Gemini URL Context

—

by

Source URL: https://simonwillison.net/2025/Aug/18/google-gemini-url-context/ Source: Simon Willison’s Weblog Title: Google Gemini URL Context Feedly Summary: Google Gemini URL Context New feature in the Gemini API: you can now enable a url_context tool which the models can use to request the contents of URLs as part of replying to a prompt. I released llm-gemini 0.25 with a…

Slashdot: Google’s ‘AI Overview’ Pointed Him to a Customer Service Number. It Was a Scam

Aug 18, 2025

—

by

Source URL: https://yro.slashdot.org/story/25/08/18/0223228/googles-ai-overview-pointed-him-to-a-customer-service-number-it-was-a-scam?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Google’s ‘AI Overview’ Pointed Him to a Customer Service Number. It Was a Scam Feedly Summary: AI Summary and Description: Yes Summary: The text highlights a fraudulent scheme involving AI-generated chatbots and search engine results that led a real estate developer to fall victim to a scam when searching…

Embrace The Red: Amp Code: Invisible Prompt Injection Fixed by Sourcegraph

Aug 17, 2025

—

by

Source URL: https://embracethered.com/blog/posts/2025/amp-code-fixed-invisible-prompt-injection/ Source: Embrace The Red Title: Amp Code: Invisible Prompt Injection Fixed by Sourcegraph Feedly Summary: In this post we will look at Amp, a coding agent from Sourcegraph. The other day we discussed how invisible instructions impact Google Jules. Turns out that many client applications are vulnerable to these kinds of attacks…

Slashdot: OpenAI’s GPT-5 Sees a Big Surge in Enterprise Use

Aug 16, 2025

—

by

Source URL: https://it.slashdot.org/story/25/08/16/0623240/openais-gpt-5-sees-a-big-surge-in-enterprise-use?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: OpenAI’s GPT-5 Sees a Big Surge in Enterprise Use Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the recent launch of OpenAI’s GPT-5 and compares its performance and pricing with Anthropic’s model, Claude. It highlights the enterprise market’s interest in GPT-5, noting significant improvements in coding…

The Register: Minority Report: Now with more spreadsheets and guesswork

Aug 16, 2025

—

by