security issues – Experimental News Clipping Site

Docker: From Hallucinations to Prompt Injection: Securing AI Workflows at Runtime

Sep 10, 2025

—

by

Source URL: https://www.docker.com/blog/secure-ai-agents-runtime-security/ Source: Docker Title: From Hallucinations to Prompt Injection: Securing AI Workflows at Runtime Feedly Summary: How developers are embedding runtime security to safely build with AI agents Introduction: When AI Workflows Become Attack Surfaces The AI tools we use today are powerful, but also unpredictable and exploitable. You prompt an LLM and…

The Register: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill

Sep 10, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/10/microsoft_patch_tuesday/ Source: The Register Title: This Patch Tuesday, SAP is the worst offender and Microsoft users can kinda chill Feedly Summary: ERP giant patches flaw that allows total takeover of NetWeaver, Microsoft has nothing under attack for once September’s Patch Tuesday won’t require Microsoft users to rapidly repair rancid software, but SAP users…

The Register: WhatsApp’s former security boss claims reporting infosec failings led to ousting

Sep 8, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/08/whatsapp_exsecurity_head_sues_company/ Source: The Register Title: WhatsApp’s former security boss claims reporting infosec failings led to ousting Feedly Summary: Meta shrugs off allegations of improper dismissal, ignoring privacy and security WhatsApp’s former head of security, Attaullah Baig, has filed a lawsuit against its parent company, Meta, alleging that the social media megalith retaliated against…

The Register: Azure budget alerts go berserk after Microsoft account migration misfire

Sep 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/09/01/microsoft_azure_migration_misfire/ Source: The Register Title: Azure budget alerts go berserk after Microsoft account migration misfire Feedly Summary: Cloud customers left reeling as forecasts leap hundreds of percent Some Microsoft Azure customers have had a worrying few days after a problematic account migration caused forecast costs for the cloud service to skyrocket, triggering budget…

Cisco Security Blog: Detecting Exposed LLM Servers: A Shodan Case Study on Ollama

Sep 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://feedpress.me/link/23535/17131153/detecting-exposed-llm-servers-shodan-case-study-on-ollama Source: Cisco Security Blog Title: Detecting Exposed LLM Servers: A Shodan Case Study on Ollama Feedly Summary: We uncovered 1,100+ exposed Ollama LLM servers—20% with open models—revealing critical security gaps and the need for better LLM threat monitoring. AI Summary and Description: Yes Summary: The text highlights the discovery of over 1,100…

Embrace The Red: Cline: Vulnerable To Data Exfiltration And How To Protect Your Data

Aug 27, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/cline-vulnerable-to-data-exfiltration/ Source: Embrace The Red Title: Cline: Vulnerable To Data Exfiltration And How To Protect Your Data Feedly Summary: Cline is quite a popular AI coding agent, according to the product website it has 2+ million downloads and over 47k stars on GitHub. Unfortunately, Cline is vulnerable to data exfiltration through the rendering…

The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

The Register: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/amazon_quietly_fixed_q_developer_flaws/ Source: The Register Title: Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE Feedly Summary: Move along, nothing to see here Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to…

The Register: Intel ghosts researcher who found web apps spilled 270K staff records

Aug 20, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/20/intel_website_flaws/ Source: The Register Title: Intel ghosts researcher who found web apps spilled 270K staff records Feedly Summary: Chipzilla quietly fixed the problems without responding to the person who found them Security boffin Eaton Zveare has highlighted some serious holes in the online infrastructure of chip giant Intel – walking through services with…

Tag: security issues