Tag: security flaws
-
The Register: GitHub engineer claims team was ‘coerced’ to put Grok into Copilot
Source URL: https://www.theregister.com/2025/08/29/github_deepens_ties_with_elon/ Source: The Register Title: GitHub engineer claims team was ‘coerced’ to put Grok into Copilot Feedly Summary: Platform’s staffer complains security review was ‘rushed’ Microsoft-owned collaborative coding platform GitHub is deepening its ties with Elon Musk’s xAI, bringing early access to the company’s Grok Code Fast 1 large language model (LLM) into…
-
Embrace The Red: How Prompt Injection Exposes Manus’ VS Code Server to the Internet
Source URL: https://embracethered.com/blog/posts/2025/manus-ai-kill-chain-expose-port-vs-code-server-on-internet/ Source: Embrace The Red Title: How Prompt Injection Exposes Manus’ VS Code Server to the Internet Feedly Summary: Today we will cover a powerful, easy to use, autonomous agent called Manus. Manus is developed by the Chinese startup Monica, based in Singapore. This post demonstrates an end-to-end indirect prompt injection attack leading…
-
Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets
Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…
-
Slashdot: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars
Source URL: https://it.slashdot.org/story/25/08/17/0221251/security-flaws-in-carmakers-web-portal-let-a-hacker-remotely-unlock-cars?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Security Flaws In Carmaker’s Web Portal Let a Hacker Remotely Unlock Cars Feedly Summary: AI Summary and Description: Yes Summary: A security researcher discovered vulnerabilities in a car dealership portal that could expose personal information and allow remote access to cars. The issues highlight the critical importance of secure…
-
Slashdot: Sloppy AI Defenses Take Cybersecurity Back To the 1990s, Researchers Say
Source URL: https://it.slashdot.org/story/25/08/12/2037200/sloppy-ai-defenses-take-cybersecurity-back-to-the-1990s-researchers-say Source: Slashdot Title: Sloppy AI Defenses Take Cybersecurity Back To the 1990s, Researchers Say Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the significant security risks associated with artificial intelligence, particularly at the Black Hat USA 2025 conference. As AI technologies such as large language models become prevalent, they…
-
Slashdot: Google Says Its AI-Based Bug Hunter Found 20 Security Vulnerabilities
Source URL: https://it.slashdot.org/story/25/08/09/1947230/google-says-its-ai-based-bug-hunter-found-20-security-vulnerabilities Source: Slashdot Title: Google Says Its AI-Based Bug Hunter Found 20 Security Vulnerabilities Feedly Summary: AI Summary and Description: Yes Summary: Google’s Big Sleep, an LLM-based vulnerability researcher, reported 20 vulnerabilities in popular open-source software, marking a significant advancement in automated vulnerability discovery. This highlights the increasing efficacy of AI tools in…