Tag: red
-
Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/
Source: Embrace The Red
Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…
-
Microsoft Security Blog: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/18/dissecting-pipemagic-inside-the-architecture-of-a-modular-backdoor-framework/
Source: Microsoft Security Blog
Title: Dissecting PipeMagic: Inside the architecture of a modular backdoor framework
Feedly Summary: A comprehensive technical deep dive on PipeMagic, a highly modular backdoor used by Storm-2460 masquerading as a legitimate open-source ChatGPT Desktop Application. Beneath its disguise, PipeMagic is a sophisticated malware framework designed for flexibility and…
-
Microsoft Security Blog: Quantum-safe security: Progress towards next-generation cryptography
Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/20/quantum-safe-security-progress-towards-next-generation-cryptography/
Source: Microsoft Security Blog
Title: Quantum-safe security: Progress towards next-generation cryptography
Feedly Summary: Microsoft is proactively leading the transition to quantum-safe security by advancing post-quantum cryptography, collaborating with global standards bodies, and helping organizations prepare for the coming quantum era. The post Quantum-safe security: Progress towards next-generation cryptography appeared first on Microsoft…
-
The Register: Microsoft stays mum about M365 Copilot on-demand security bypass
Source URL: https://www.theregister.com/2025/08/20/microsoft_mum_about_m365_copilot/
Source: The Register
Title: Microsoft stays mum about M365 Copilot on-demand security bypass
Feedly Summary: Redmond doesn’t bother informing customers about some security fixes Microsoft has chosen not to tell customers about a recently patched vulnerability in M365 Copilot.…
AI Summary and Description: Yes
Summary: The text highlights a concerning practice by…
-
Unit 42: Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety
Source URL: https://unit42.paloaltonetworks.com/logit-gap-steering-impact/
Source: Unit 42
Title: Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety
Feedly Summary: New research from Unit 42 on logit-gap steering reveals how internal alignment measures can be bypassed, making external AI security vital. The post Logit-Gap Steering: A New Frontier in Understanding and Probing LLM Safety appeared…
-
The Register: Perplexity’s Comet browser naively processed pages with evil instructions
Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/
Source: The Register
Title: Perplexity’s Comet browser naively processed pages with evil instructions
Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.…
AI Summary and Description: Yes
Summary: The text discusses a recently…