Experimental News Clipping Site

Tag: review

  • Unit 42: Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/threat-brief-compromised-salesforce-instances/ Source: Unit 42 Title: Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances Feedly Summary: This Threat Brief discusses observations on a campaign leveraging Salesloft Drift integration to exfiltrate data via compromised OAuth credentials. The post Threat Brief: Salesloft Drift Integration Used To Compromise Salesforce Instances appeared first on Unit 42.…

  • The Register: In the rush to adopt hot new tech, security is often forgotten. AI is no exception

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/02/exposed_ollama_servers_insecure_research/ Source: The Register Title: In the rush to adopt hot new tech, security is often forgotten. AI is no exception Feedly Summary: Cisco finds hundreds of Ollama servers open to unauthorized access, creating various nasty risks Cisco’s Talos security research team has found over 1,100 Ollama servers exposed to the public internet,…

  • Krebs on Security: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ Source: Krebs on Security Title: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Feedly Summary: The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate…

  • Simon Willison’s Weblog: Introducing gpt-realtime

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/1/introducing-gpt-realtime/#atom-everything Source: Simon Willison’s Weblog Title: Introducing gpt-realtime Feedly Summary: Introducing gpt-realtime Released a few days ago (August 28th), gpt-realtime is OpenAI’s new “most advanced speech-to-speech model". It looks like this is a replacement for the older gpt-4o-realtime-preview model that was released last October. This is a slightly confusing release. The previous realtime…

  • The Register: LegalPwn: Tricking LLMs by burying badness in lawyerly fine print

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/01/legalpwn_ai_jailbreak/ Source: The Register Title: LegalPwn: Tricking LLMs by burying badness in lawyerly fine print Feedly Summary: Trust and believe – AI models trained to see ‘legal’ doc as super legit Researchers at security firm Pangea have discovered yet another way to trivially trick large language models (LLMs) into ignoring their guardrails. Stick…

  • Slashdot: OpenAI Is Scanning Users’ ChatGPT Conversations and Reporting Content To Police

    by

    Kurt Seifried
    in

    Source URL: https://yro.slashdot.org/story/25/08/31/2311231/openai-is-scanning-users-chatgpt-conversations-and-reporting-content-to-police Source: Slashdot Title: OpenAI Is Scanning Users’ ChatGPT Conversations and Reporting Content To Police Feedly Summary: AI Summary and Description: Yes Summary: The text highlights OpenAI’s controversial practice of monitoring user conversations in ChatGPT for threats, revealing significant security and privacy implications. This admission raises questions about the balance between safety and…

  • Tomasz Tunguz: The Rise and Fall of Vibe Coding

    by

    Kurt Seifried
    in

    Source URL: https://www.tomtunguz.com/the-rise-and-fall-of-vibe-coding/ Source: Tomasz Tunguz Title: The Rise and Fall of Vibe Coding Feedly Summary: We’re living through the “Wild West” era of AI-powered software development. Anyone can build custom solutions in minutes rather than months. This creative explosion heads toward a reckoning. Hidden maintenance costs of thousands of “vibe-coded” micro-apps will collide with…

  • Tomasz Tunguz: From Vibe Coding to the New Software Standard

    by

    Kurt Seifried
    in

    Source URL: https://www.tomtunguz.com/from-vibe-coding-to-the-new-software-standard/ Source: Tomasz Tunguz Title: From Vibe Coding to the New Software Standard Feedly Summary: The days of “move fast and break things” are over. Silicon Valley’s engineering teams are trading hoodies for hard hats. The software industry faces its biggest cultural shift in decades: from intuitive “vibe-based” coding to standardized development practices.…

  • The Register: Researcher who found McDonald’s free-food hack turns her attention to Chinese restaurant robots

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/29/pudu_robots_hackable/ Source: The Register Title: Researcher who found McDonald’s free-food hack turns her attention to Chinese restaurant robots Feedly Summary: The admin controls were left wide open on Pudu’s robots A researcher caught the world’s leading supplier of commercial service robots using shoddy admin security that let attackers redirect the delivery machines to…

  • Slashdot: Pentagon Halts Chinese Coders Affecting DOD Cloud Systems

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/08/29/1928258/pentagon-halts-chinese-coders-affecting-dod-cloud-systems Source: Slashdot Title: Pentagon Halts Chinese Coders Affecting DOD Cloud Systems Feedly Summary: AI Summary and Description: Yes Summary: The Pentagon has terminated a Microsoft program that permitted Chinese coders to work on sensitive Department of Defense (DOD) cloud systems under U.S. supervision. This decision was made due to concerns about unacceptable…