Tag: security risk

Source URL: https://simonwillison.net/2025/Sep/23/why-ai-systems-might-never-be-secure/#atom-everything Source: Simon Willison’s Weblog Title: Why AI systems might never be secure Feedly Summary: Why AI systems might never be secure The Economist have a new piece out about LLM security, with this headline and subtitle: Why AI systems might never be secure A “lethal trifecta” of conditions opens them to abuse…

The Register: ‘Technical debt’ in police database built to respond to child murders causing a ‘failing service’

Sep 22, 2025

—

by

Source URL: https://www.theregister.com/2025/09/22/police_database_built_to_respond/ Source: The Register Title: ‘Technical debt’ in police database built to respond to child murders causing a ‘failing service’ Feedly Summary: Project rated at ‘Red’ risk as it struggles to move off obsolete Oracle tech and cloud transition stalls The risk rating of the UK’s crime intelligence database is being elevated to…

Simon Willison’s Weblog: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

—

by

Source URL: https://simonwillison.net/2025/Sep/19/notion-lethal-trifecta/ Source: Simon Willison’s Weblog Title: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Feedly Summary: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Abi Raghuram reports that Notion 3.0, released yesterday, introduces new prompt injection data exfiltration vulnerabilities…

Cloud Blog: Strengthen GCE and GKE security with new dashboards powered by Security Command Center

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/new-gce-and-gke-dashboards-strengthen-security-posture/ Source: Cloud Blog Title: Strengthen GCE and GKE security with new dashboards powered by Security Command Center Feedly Summary: As cloud infrastructure evolves, so should how you safeguard that technology. As part of our efforts to help you maintain a strong security posture, we’ve introduced powerful capabilities that can address some of…

Slashdot: This Microsoft Entra ID Vulnerability Could Have Been Catastrophic

—

by

Source URL: https://it.slashdot.org/story/25/09/19/027208/this-microsoft-entra-id-vulnerability-could-have-been-catastrophic?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: This Microsoft Entra ID Vulnerability Could Have Been Catastrophic Feedly Summary: AI Summary and Description: Yes Summary: The text discusses significant vulnerabilities identified in Microsoft’s Entra ID identity platform, which could have potentially granted unauthorized administrative access to Azure accounts. The rapid response from Microsoft following the discovery showcases…

The Register: One token to pwn them all: Entra ID bug could have granted access to every tenant

—

by

Source URL: https://www.theregister.com/2025/09/19/microsoft_entra_id_bug/ Source: The Register Title: One token to pwn them all: Entra ID bug could have granted access to every tenant Feedly Summary: Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant…

The Register: Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack

Sep 17, 2025

—

by

Source URL: https://www.theregister.com/2025/09/17/ddr5_dram_rowhammer/ Source: The Register Title: Ruh-roh. DDR5 memory vulnerable to new Rowhammer attack Feedly Summary: Google and ETH Zurich found problems with AMD/SK Hynix combo, will probe other hardware Researchers from Google and Swiss university ETH Zurich have found a new class of Rowhammer vulnerability that could allow attackers to access info stored…

Slashdot: The Mac App Flea Market

Sep 16, 2025

—

by

Source URL: https://apple.slashdot.org/story/25/09/16/0629209/the-mac-app-flea-market?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: The Mac App Flea Market Feedly Summary: AI Summary and Description: Yes Summary: The text highlights the emergence of numerous imitation applications in the Mac App Store that mimic official AI chat applications like ChatGPT. These copycat apps raise concerns regarding authenticity and security in the AI landscape. Detailed…

Krebs on Security: Self-Replicating Worm Hits 180+ Software Packages

Sep 16, 2025

—

by