Experimental News Clipping Site

Tag: security flaws

  • OpenAI : GPT-5 bio bug bounty call

    by

    Kurt Seifried
    in

    Source URL: https://openai.com/gpt-5-bio-bug-bounty Source: OpenAI Title: GPT-5 bio bug bounty call Feedly Summary: OpenAI invites researchers to its Bio Bug Bounty. Test GPT-5’s safety with a universal jailbreak prompt and win up to $25,000. AI Summary and Description: Yes Summary: OpenAI’s initiative invites researchers to participate in its Bio Bug Bounty program, focusing on testing…

  • The Register: GitHub engineer claims team was ‘coerced’ to put Grok into Copilot

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/29/github_deepens_ties_with_elon/ Source: The Register Title: GitHub engineer claims team was ‘coerced’ to put Grok into Copilot Feedly Summary: Platform’s staffer complains security review was ‘rushed’ Microsoft-owned collaborative coding platform GitHub is deepening its ties with Elon Musk’s xAI, bringing early access to the company’s Grok Code Fast 1 large language model (LLM) into…

  • The Register: Thousands of Citrix NetScaler boxes still sitting ducks despite patches

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/28/thousands_of_citrix_netscaler_boxes/ Source: The Register Title: Thousands of Citrix NetScaler boxes still sitting ducks despite patches Feedly Summary: Shadowserver counts more than 13,000 appliances still wide open – including thousands in US, Germany, and UK Thousands of Citrix NetScaler appliances remain exposed to a trio of security flaws that the vendor patched this week,…

  • Embrace The Red: How Prompt Injection Exposes Manus’ VS Code Server to the Internet

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/manus-ai-kill-chain-expose-port-vs-code-server-on-internet/ Source: Embrace The Red Title: How Prompt Injection Exposes Manus’ VS Code Server to the Internet Feedly Summary: Today we will cover a powerful, easy to use, autonomous agent called Manus. Manus is developed by the Chinese startup Monica, based in Singapore. This post demonstrates an end-to-end indirect prompt injection attack leading…

  • Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

  • Slashdot: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/08/18/0550252/male-oriented-app-teaonher-also-had-security-flaws-that-could-leak-mens-drivers-license-photos?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos Feedly Summary: AI Summary and Description: Yes Summary: The text discusses data breaches and security flaws in two dating-advice apps, focusing on the implications of such incidents for user privacy and corporate liability. These issues…

  • Slashdot: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars

    by

    Kurt Seifried
    in

    Source URL: https://it.slashdot.org/story/25/08/17/0221251/security-flaws-in-carmakers-web-portal-let-a-hacker-remotely-unlock-cars?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars Feedly Summary: AI Summary and Description: Yes Summary: A security researcher discovered vulnerabilities in a car dealership portal that could expose personal information and allow remote access to cars. The issues highlight the critical importance of secure…

  • Cisco Talos Blog: What happened in Vegas (that you actually want to know about)

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/what-happened-in-vegas-that-you-actually-want-to-know-about/ Source: Cisco Talos Blog Title: What happened in Vegas (that you actually want to know about) Feedly Summary: Hazel braves Vegas, overpriced water and the Black Hat maze to bring you Talos’ latest research — including a deep dive into the PS1Bot malware campaign. AI Summary and Description: Yes Summary: This newsletter…