Experimental News Clipping Site

Tag: security professionals

  • The Register: Search-capable AI agents may cheat on benchmark tests

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/23/searchcapable_ai_agents_may_cheat/ Source: The Register Title: Search-capable AI agents may cheat on benchmark tests Feedly Summary: Data contamination can make models seem more capable than they really are Researchers with Scale AI have found that search-based AI models may cheat on benchmark tests by fetching the answers directly from online sources rather than deriving…

  • Embrace The Red: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit)

    by

    Kurt Seifried
    in

    Source URL: https://embracethered.com/blog/posts/2025/windsurf-spaiware-exploit-persistent-prompt-injection/ Source: Embrace The Red Title: Windsurf: Memory-Persistent Data Exfiltration (SpAIware Exploit) Feedly Summary: In this second post about Windsurf Cascade we are exploring the SpAIware attack, which allows memory persistent data exfiltration. SpAIware is an attack we first successfully demonstrated with ChatGPT last year and OpenAI mitigated. While inspecting the system prompt…

  • The Register: Short circuit: Electronics supplier to tech giants suffers ransomware shutdown

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/22/data_io_ransomware_attack_temporarily/ Source: The Register Title: Short circuit: Electronics supplier to tech giants suffers ransomware shutdown Feedly Summary: Amazon, Apple, Google, and Microsoft among major customers Data I/O, a major electronics manufacturer whose customers include Amazon, Apple, Google, and Microsoft, notified federal regulators that it fell victim to a ransomware infection on August 16…

  • The Register: Saved you a click: Firefox 142 offers AI summaries of links

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/22/firefox_142/ Source: The Register Title: Saved you a click: Firefox 142 offers AI summaries of links Feedly Summary: CRLite, link previews, and a llama-shaped surprise for devs Good news, everyone! The new version of Mozilla’s browser now makes even more extensive use of AI, providing summaries of linked content and offering developers the…

  • The Register: Criminal background checker APCS faces data breach

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/22/apcs_breach/ Source: The Register Title: Criminal background checker APCS faces data breach Feedly Summary: The attack first affected an upstream provider of bespoke software Exclusive A leading UK provider of criminal record checks for employers is handling a data breach stemming from a third-party development company.… AI Summary and Description: Yes Summary: The…

  • The Register: Fake CAPTCHA tests trick users into running malware

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/22/clickfix_report/ Source: The Register Title: Fake CAPTCHA tests trick users into running malware Feedly Summary: ClickFix tricks Microsoft’s security team has published an in-depth report into ClickFix, the social engineering attack which tricks users into executing malicious commands in the guise of proving their humanity.… AI Summary and Description: Yes Summary: Microsoft’s security…

  • The Register: Anthropic scanning Claude chats for queries about DIY nukes for some reason

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/anthropic_claude_nuclear_chat_detection/ Source: The Register Title: Anthropic scanning Claude chats for queries about DIY nukes for some reason Feedly Summary: Because savvy terrorists always use public internet services to plan their mischief, right? Anthropic says it has scanned an undisclosed portion of conversations with its Claude AI model to catch concerning inquiries about nuclear…

  • The Register: Honey, I shrunk the image and now I’m pwned

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/google_gemini_image_scaling_attack/ Source: The Register Title: Honey, I shrunk the image and now I’m pwned Feedly Summary: Google’s Gemini-powered tools tripped up by image-scaling prompt injection Security researchers with Trail of Bits have found that Google Gemini CLI and other production AI systems can be deceived by image scaling attacks, a well-known adversarial challenge…

  • Microsoft Security Blog: Think before you Click(Fix): Analyzing the ClickFix social engineering technique

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/08/21/think-before-you-clickfix-analyzing-the-clickfix-social-engineering-technique/ Source: Microsoft Security Blog Title: Think before you Click(Fix): Analyzing the ClickFix social engineering technique Feedly Summary: The ClickFix social engineering technique has been growing in popularity, with campaigns targeting thousands of enterprise and end-user devices daily. This technique exploits users’ tendency to resolve technical issues by tricking them into running malicious…

  • The Register: Apple rushes out fix for active zero-day in iOS and macOS

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/21/apple_imageio_exploit/ Source: The Register Title: Apple rushes out fix for active zero-day in iOS and macOS Feedly Summary: Another ‘extremely sophisticated’ exploit chewing at Cupertino’s walled garden Apple has shipped emergency updates to fix an actively exploited zero-day in its ImageIO framework, warning that the flaw has already been abused in targeted attacks.……