Tag: risks
-
Embrace The Red: Sneaking Invisible Instructions by Developers in Windsurf
Source URL: https://embracethered.com/blog/posts/2025/windsurf-sneaking-invisible-instructions-for-prompt-injection/ Source: Embrace The Red Title: Sneaking Invisible Instructions by Developers in Windsurf Feedly Summary: Imagine a malicious instruction hidden in plain sight, invisible to you but not to the AI. This is a vulnerability discovered in Windsurf Cascade, it follows invisible instructions. This means there can be instructions in a file or…
-
Embrace The Red: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit)
Source URL: https://embracethered.com/blog/posts/2025/windsurf-spaiware-exploit-persistent-prompt-injection/ Source: Embrace The Red Title: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit) Feedly Summary: In this second post about Windsurf Cascade we are exploring the SpAIware attack, which allows memory persistent data exfiltration. SpAIware is an attack we first successfully demonstrated with ChatGPT last year and OpenAI mitigated. While inspecting the system prompt…
-
Slashdot: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code
Source URL: https://it.slashdot.org/story/25/08/22/2059255/microsoft-reportedly-cuts-chinas-early-access-to-bug-disclosures-poc-exploit-code Source: Slashdot Title: Microsoft Reportedly Cuts China’s Early Access to Bug Disclosures, PoC Exploit Code Feedly Summary: AI Summary and Description: Yes Summary: Microsoft has modified its Microsoft Active Protections Program (MAPP) to restrict access to proof-of-concept exploit code for companies in certain countries, including China, to combat the leak of sensitive…
-
The Register: Short circuit: Electronics supplier to tech giants suffers ransomware shutdown
Source URL: https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/ Source: The Register Title: Short circuit: Electronics supplier to tech giants suffers ransomware shutdown Feedly Summary: Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16…
-
The Register: Criminal background checker APCS faces data breach
Source URL: https://www.theregister.com/2025/08/22/apcs_breach/ Source: The Register Title: Criminal background checker APCS faces data breach Feedly Summary: The attack first affected an upstream provider of bespoke software Exclusive A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company.… AI Summary and Description: Yes Summary: The…
-
Slashdot: Coinbase Reverses Remote-First Policy After North Korean Infiltration Attempts
Source URL: https://slashdot.org/story/25/08/22/1515238/coinbase-reverses-remote-first-policy-after-north-korean-infiltration-attempts?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Coinbase Reverses Remote-First Policy After North Korean Infiltration Attempts Feedly Summary: AI Summary and Description: Yes Summary: The text highlights the increasing security vulnerabilities associated with remote work policies, particularly in sensitive roles within cryptocurrency firms. It emphasizes the proactive measures taken by Coinbase to mitigate these risks, including…