security landscape – Page 2 – Experimental News Clipping Site

Cloud Blog: Widespread Data Theft Targets Salesforce Instances via Salesloft Drift

Aug 26, 2025

—

by

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/data-theft-salesforce-instances-via-salesloft-drift/ Source: Cloud Blog Title: Widespread Data Theft Targets Salesforce Instances via Salesloft Drift Feedly Summary: Written by: Austin Larsen, Matt Lin, Tyler McLellan, Omar ElAhdan Introduction Google Threat Intelligence Group (GTIG) is issuing an advisory to alert organizations about a widespread data theft campaign, carried out by the actor tracked as UNC6395.…

Cisco Security Blog: Cisco Bolsters Security for Government With New FedRAMP Authorizations

Aug 25, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://feedpress.me/link/23535/17126109/cisco-bolsters-security-for-government-with-new-fedramp-authorizations Source: Cisco Security Blog Title: Cisco Bolsters Security for Government With New FedRAMP Authorizations Feedly Summary: Cisco is proud to announce three new FedRAMP-authorized cloud security solutions, pupose-built for federal, state, and local agencies. AI Summary and Description: Yes Summary: Cisco’s introduction of three new FedRAMP-authorized cloud security solutions represents a significant…

Embrace The Red: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit)

Aug 22, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/windsurf-spaiware-exploit-persistent-prompt-injection/ Source: Embrace The Red Title: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit) Feedly Summary: In this second post about Windsurf Cascade we are exploring the SpAIware attack, which allows memory persistent data exfiltration. SpAIware is an attack we first successfully demonstrated with ChatGPT last year and OpenAI mitigated. While inspecting the system prompt…

The Register: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension

Aug 21, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/21/freevpn_privacy_research/ Source: The Register Title: Google yet to take down ‘screenshot-grabbing’ Chrome VPN extension Feedly Summary: Researcher claims extension didn’t start out by exfiltrating info… while dev says its actions are ‘compliant’ Security boffins at Koi Security have warned of a shift in behavior of a popular Chrome VPN extension, FreeVPN.One, which recently…

Docker: Docker @ Black Hat 2025: CVEs have everyone’s attention, here’s the path forward

Aug 15, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.docker.com/blog/docker-black-hat-2025-secure-software-supply-chain/ Source: Docker Title: Docker @ Black Hat 2025: CVEs have everyone’s attention, here’s the path forward Feedly Summary: CVEs dominated the conversation at Black Hat 2025. Across sessions, booth discussions, and hallway chatter, it was clear that teams are feeling the pressure to manage vulnerabilities at scale. While scanning remains an important…

Cloud Blog: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses

Aug 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-new-threat-horizons-details-evolving-risks-and-defenses/ Source: Cloud Blog Title: Cloud CISO Perspectives: New Threat Horizons details evolving risks — and defenses Feedly Summary: Welcome to the first Cloud CISO Perspectives for August 2025. Today, our Office of the CISO’s Bob Mechler and Anton Chuvakin dive into the key trends and evolving threats that we tracked in our…

Embrace The Red: Jules Zombie Agent: From Prompt Injection to Remote Control

Aug 14, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/google-jules-remote-code-execution-zombai/ Source: Embrace The Red Title: Jules Zombie Agent: From Prompt Injection to Remote Control Feedly Summary: In the previous post, we explored two data exfiltration vectors that Jules is vulnerable to and that can be exploited via prompt injection. This post takes it further by demonstrating how Jules can be convinced to…

Simon Willison’s Weblog: Screaming in the Cloud: AI’s Security Crisis: Why Your Assistant Might Betray You

Aug 13, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/13/screaming-in-the-cloud/ Source: Simon Willison’s Weblog Title: Screaming in the Cloud: AI’s Security Crisis: Why Your Assistant Might Betray You Feedly Summary: Screaming in the Cloud: AI’s Security Crisis: Why Your Assistant Might Betray You I recorded this podcast conversation with Corey Quinn a few weeks ago: On this episode of Screaming in the…

Google Online Security Blog: Android’s pKVM Becomes First Globally Certified Software to Achieve Prestigious SESIP Level 5 Security Certification

Aug 12, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: http://security.googleblog.com/2025/08/Android-pKVM-Certified-SESIP-Level-5.html Source: Google Online Security Blog Title: Android’s pKVM Becomes First Globally Certified Software to Achieve Prestigious SESIP Level 5 Security Certification Feedly Summary: AI Summary and Description: Yes Summary: The announcement about the pKVM achieving SESIP Level 5 certification marks a significant advancement in open-source security for consumer electronics, particularly in supporting…

The Register: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks

Aug 11, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/ Source: The Register Title: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks Feedly Summary: A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… AI Summary and Description:…

Tag: security landscape