Tag: security researchers
-
The Register: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales
Source URL: https://www.theregister.com/2025/09/26/salesforce_agentforce_forceleak_attack/ Source: The Register Title: Prompt injection – and a $5 domain – trick Salesforce Agentforce into leaking sales Feedly Summary: More fun with AI agents and their security holes A now-fixed flaw in Salesforce’s Agentforce could have allowed external attackers to steal sensitive customer data via prompt injection, according to security researchers…
-
Slashdot: AI Tools Give Dangerous Powers to Cyberattackers, Security Researchers Warn
Source URL: https://yro.slashdot.org/story/25/09/21/2022257/ai-tools-give-dangerous-powers-to-cyberattackers-security-researchers-warn?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: AI Tools Give Dangerous Powers to Cyberattackers, Security Researchers Warn Feedly Summary: AI Summary and Description: Yes **Summary:** The text highlights significant vulnerabilities associated with AI technologies, particularly in the context of automated systems and malicious actors leveraging them to exploit security gaps. It underscores emerging threats posed by…
-
Docker: MCP Security: A Developer’s Guide
Source URL: https://www.docker.com/blog/mcp-security-explained/ Source: Docker Title: MCP Security: A Developer’s Guide Feedly Summary: Since its release by Anthropic in November 2024, Model Context Protocol (MCP) has gained massive adoption and is quickly becoming the connective tissue between AI agents and the tools, APIs, and data they act on. With just a few lines of configuration,…
-
The Register: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand
Source URL: https://www.theregister.com/2025/09/11/voidproxy_phishing_service/ Source: The Register Title: Hijacker helper VoidProxy boosts Google, Microsoft accounts on demand Feedly Summary: Okta uncovers new phishing-as-a-service operation with ‘multiple entities’ falling victim Multiple attackers using a new phishing service dubbed VoidProxy to target organizations’ Microsoft and Google accounts have successfully stolen users’ credentials, multi-factor authentication codes, and session tokens…
-
The Register: No gains, just pains as 1.6M fitness phone call recordings exposed online
Source URL: https://www.theregister.com/2025/09/09/gym_audio_recordings_exposed/ Source: The Register Title: No gains, just pains as 1.6M fitness phone call recordings exposed online Feedly Summary: HelloGym’s data security clearly skipped leg day Exclusive Sensitive info from hundreds of thousands of gym customers and staff – including names, financial details, and potentially biometric data in the form of audio recordings…
-
The Register: Salt Typhoon used dozens of domains, going back five years. Did you visit one?
Source URL: https://www.theregister.com/2025/09/08/salt_typhoon_domains/ Source: The Register Title: Salt Typhoon used dozens of domains, going back five years. Did you visit one? Feedly Summary: Plus ties to the Chinese spies who hacked Barracuda email gateways Security researchers have uncovered dozens of domains used by Chinese espionage crew Salt Typhoon to gain stealthy, long-term access to victim…
-
The Register: Critical, make-me-super-user SAP S/4HANA bug under active exploitation
Source URL: https://www.theregister.com/2025/09/05/critical_sap_s4hana_bug_exploited/ Source: The Register Title: Critical, make-me-super-user SAP S/4HANA bug under active exploitation Feedly Summary: 9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… AI Summary and Description: Yes…
-
The Register: One long sentence is all it takes to make LLMs misbehave
Source URL: https://www.theregister.com/2025/08/26/breaking_llms_for_fun/ Source: The Register Title: One long sentence is all it takes to make LLMs misbehave Feedly Summary: Chatbots ignore their guardrails when your grammar sucks, researchers find Security researchers from Palo Alto Networks’ Unit 42 have discovered the key to getting large language model (LLM) chatbots to ignore their guardrails, and it’s…