Tag: Security Research
-
The Register: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand
Source URL: https://www.theregister.com/2025/09/11/voidproxy_phishing_service/ Source: The Register Title: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand Feedly Summary: Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens…
-
The Register: No gains, just pains as 1.6M fitness phone call recordings exposed online
Source URL: https://www.theregister.com/2025/09/09/gym_audio_recordings_exposed/ Source: The Register Title: No gains, just pains as 1.6M fitness phone call recordings exposed online Feedly Summary: HelloGym’s data security clearly skipped leg day Exclusive Sensitive info from hundreds of thousands of gym customers and staff – including names, financial details, and potentially biometric data in the form of audio recordings…
-
The Register: Salt Typhoon used dozens of domains, going back five years. Did you visit one?
Source URL: https://www.theregister.com/2025/09/08/salt_typhoon_domains/ Source: The Register Title: Salt Typhoon used dozens of domains, going back five years. Did you visit one? Feedly Summary: Plus ties to the Chinese spies who hacked Barracuda email gateways Security researchers have uncovered dozens of domains used by Chinese espionage crew Salt Typhoon to gain stealthy, long-term access to victim…
-
The Register: Critical, make-me-super-user SAP S/4HANA bug under active exploitation
Source URL: https://www.theregister.com/2025/09/05/critical_sap_s4hana_bug_exploited/ Source: The Register Title: Critical, make-me-super-user SAP S/4HANA bug under active exploitation Feedly Summary: 9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… AI Summary and Description: Yes…
-
Embrace The Red: Wrap Up: The Month of AI Bugs
Source URL: https://embracethered.com/blog/posts/2025/wrapping-up-month-of-ai-bugs/ Source: Embrace The Red Title: Wrap Up: The Month of AI Bugs Feedly Summary: That’s it. The Month of AI Bugs is done. There won’t be a post tomorrow, because I will be at PAX West. Overview of Posts ChatGPT: Exfiltrating Your Chat History and Memories With Prompt Injection | Video ChatGPT…
-
Slashdot: One Long Sentence is All It Takes To Make LLMs Misbehave
Source URL: https://slashdot.org/story/25/08/27/1756253/one-long-sentence-is-all-it-takes-to-make-llms-misbehave?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: One Long Sentence is All It Takes To Make LLMs Misbehave Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a significant security research finding from Palo Alto Networks’ Unit 42 regarding vulnerabilities in large language models (LLMs). The researchers explored methods that allow users to bypass…
-
The Register: One long sentence is all it takes to make LLMs misbehave
Source URL: https://www.theregister.com/2025/08/26/breaking_llms_for_fun/ Source: The Register Title: One long sentence is all it takes to make LLMs misbehave Feedly Summary: Chatbots ignore their guardrails when your grammar sucks, researchers find Security researchers from Palo Alto Networks’ Unit 42 have discovered the key to getting large language model (LLM) chatbots to ignore their guardrails, and it’s…
-
Slashdot: Perplexity’s AI Browser Comet Vulnerable To Prompt Injection Attacks That Hijack User Accounts
Source URL: https://it.slashdot.org/story/25/08/25/1654220/perplexitys-ai-browser-comet-vulnerable-to-prompt-injection-attacks-that-hijack-user-accounts?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Perplexity’s AI Browser Comet Vulnerable To Prompt Injection Attacks That Hijack User Accounts Feedly Summary: AI Summary and Description: Yes Summary: The text highlights significant vulnerabilities in Perplexity’s Comet browser linked to its AI summarization functionalities. These vulnerabilities allow attackers to hijack user accounts and execute malicious commands, posing…