security risks – Experimental News Clipping Site

The Register: Employees regularly paste company secrets into ChatGPT

Oct 7, 2025

—

by

Source URL: https://www.theregister.com/2025/10/07/gen_ai_shadow_it_secrets/ Source: The Register Title: Employees regularly paste company secrets into ChatGPT Feedly Summary: Microsoft Copilot, not so much Employees could be opening up to OpenAI in ways that put sensitive data at risk. According to a study by security biz LayerX, a large number of corporate users paste Personally Identifiable Information (PII)…

Microsoft Security Blog: Disrupting threats targeting Microsoft Teams

Oct 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.microsoft.com/en-us/security/blog/2025/10/07/disrupting-threats-targeting-microsoft-teams/ Source: Microsoft Security Blog Title: Disrupting threats targeting Microsoft Teams Feedly Summary: Threat actors seek to abuse Microsoft Teams features and capabilities across the attack chain, underscoring the importance for defenders to proactively monitor, detect, and respond effectively. In this blog, we recommend countermeasures and optimal controls across identity, endpoints, data apps,…

The Register: OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance

Oct 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/07/openai_bans_suspected_china_accounts/ Source: The Register Title: OpenAI bans suspected Chinese accounts using ChatGPT to plan surveillance Feedly Summary: It also banned some suspected Russian accounts trying to create influence campaigns and malware OpenAI has banned ChatGPT accounts believed to be linked to Chinese government entities attempting to use AI models to surveil individuals and…

Wired: Vibe Coding Is the New Open Source—in the Worst Way Possible

Oct 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.wired.com/story/vibe-coding-is-the-new-open-source/ Source: Wired Title: Vibe Coding Is the New Open Source—in the Worst Way Possible Feedly Summary: As developers increasingly lean on AI-generated code to build out their software—as they have with open source in the past—they risk introducing critical security failures along the way. AI Summary and Description: Yes Summary: The text…

Slashdot: Are Software Registries Inherently Insecure?

Oct 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://developers.slashdot.org/story/25/10/05/2318202/are-software-registries-inherently-insecure?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Are Software Registries Inherently Insecure? Feedly Summary: AI Summary and Description: Yes Summary: The text discusses the persistent issues related to software supply chain attacks, emphasizing weaknesses in the design of software registries like npm, PyPI, and Docker Hub. It highlights how inadequate safeguards allowed for multiple registry breaches…

Slashdot: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show

Oct 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://it.slashdot.org/story/25/10/05/2225224/mouse-sensors-can-pick-up-speech-from-surface-vibrations-researchers-show?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Mouse Sensors Can Pick Up Speech From Surface Vibrations, Researchers Show Feedly Summary: AI Summary and Description: Yes Summary: Researchers from the University of California, Irvine, have identified a security vulnerability in high-performance optical mice that can be exploited to capture audio data from a user’s environment, effectively turning…

Slashdot: Key Cybersecurity Intelligence-Sharing Law Expires as Government Shuts Down

Oct 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://yro.slashdot.org/story/25/10/03/1441215/key-cybersecurity-intelligence-sharing-law-expires-as-government-shuts-down?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Key Cybersecurity Intelligence-Sharing Law Expires as Government Shuts Down Feedly Summary: AI Summary and Description: Yes Summary: The expiration of the Cybersecurity Information Sharing Act (CISA) highlights significant vulnerabilities for private sector organizations regarding the sharing of cyber threat intelligence, potentially elevating cybersecurity risks against U.S. critical infrastructure. This…

The Register: Oracle tells Clop-targeted EBS users to apply July patch, problem solved

Oct 3, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/03/oracle_ebs_clop_extortion/ Source: The Register Title: Oracle tells Clop-targeted EBS users to apply July patch, problem solved Feedly Summary: Researchers suggest internet-facing portals are exposing ‘thousands’ of orgs Oracle has finally broken its silence on those Clop-linked extortion emails, but only to tell customers what they already should have known: patch your damn systems.……

The Register: US Air Force investigates ‘privacy-related issue’ amid rumored SharePoint shutdown

Oct 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/10/01/us_air_force_investigates_breach/ Source: The Register Title: US Air Force investigates ‘privacy-related issue’ amid rumored SharePoint shutdown Feedly Summary: Uncle Sam can’t quit Redmond Exclusive The US Air Force confirmed it’s investigating a “privacy-related issue" amid reports of a Microsoft SharePoint-related breach and subsequent service-wide shutdown, rendering mission files and other critical tools potentially unavailable…

Cloud Blog: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations

Sep 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/topics/threat-intelligence/unc6040-proactive-hardening-recommendations/ Source: Cloud Blog Title: Cybercrime Observations from the Frontlines: UNC6040 Proactive Hardening Recommendations Feedly Summary: Written by: Omar ElAhdan, Matthew McWhirt, Michael Rudden, Aswad Robinson, Bhavesh Dhake, Laith Al Background Protecting software-as-a-service (SaaS) platforms and applications requires a comprehensive security strategy. Drawing…

Tag: security risks