Tag: sensitive data

Source URL: https://embracethered.com/blog/posts/2025/anthropic-filesystem-mcp-server-bypass/ Source: Embrace The Red Title: Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation Feedly Summary: A few months ago I was looking at the filesystem MCP server from Anthropic. The server allows to give an AI, like Claude Desktop, access to the local filesystem to read files or edit…

Simon Willison’s Weblog: Faster inference

—

by

Source URL: https://simonwillison.net/2025/Aug/1/faster-inference/ Source: Simon Willison’s Weblog Title: Faster inference Feedly Summary: Two interesting examples of inference speed as a flagship feature of LLM services today. First, Cerebras announced two new monthly plans for their extremely high speed hosted model service: Cerebras Code Pro ($50/month, 1,000 messages a day) and Cerebras Code Max ($200/month, 5,000/day).…

The Register: Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks

—

by

Source URL: https://www.theregister.com/2025/08/01/microsoft_recall_captures_credit_card_info/ Source: The Register Title: Tested: Microsoft Recall can still capture credit cards and passwords, a treasure trove for crooks Feedly Summary: Our tests have shown there are ways to get around the promised security improvements exclusive Microsoft Recall, the AI app that takes screenshots of what you do on your PC so…

The Register: China says US spies exploited Microsoft Exchange zero-day to steal military info

—

by

Source URL: https://www.theregister.com/2025/08/01/china_us_intel_attacks/ Source: The Register Title: China says US spies exploited Microsoft Exchange zero-day to steal military info Feedly Summary: Spy vs. spy China has accused US intelligence agencies of exploiting a Microsoft Exchange zero-day exploit to steal defense-related data and take over more than 50 devices belonging to a “major Chinese military enterprise"…

Embrace The Red: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection

—

by

Source URL: https://embracethered.com/blog/posts/2025/chatgpt-chat-history-data-exfiltration/ Source: Embrace The Red Title: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection Feedly Summary: In this post we demonstrate how a bypass in OpenAI’s “safe URL” rendering feature allows ChatGPT to send personal information to a third-party server. This can be exploited by an adversary via a prompt injection…

Cloud Blog: Introducing audit-only mode for Access Transparency

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/introducing-audit-only-mode-for-access-transparency/ Source: Cloud Blog Title: Introducing audit-only mode for Access Transparency Feedly Summary: As part of our commitment to cloud workload security and transparency, today, we’re introducing a new, lightweight audit-only mode for Access Approval to enable access approvals in an “on demand only” model. This new capability is available at no extra…

Slashdot: Public ChatGPT Queries Are Getting Indexed By Google and Other Search Engines

—

by

Source URL: https://tech.slashdot.org/story/25/07/31/2259213/public-chatgpt-queries-are-getting-indexed-by-google-and-other-search-engines?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Public ChatGPT Queries Are Getting Indexed By Google and Other Search Engines Feedly Summary: AI Summary and Description: Yes Summary: The text highlights privacy concerns related to the sharing and indexing of ChatGPT conversations through search engines. It emphasizes the potential accidental exposure of personal information when users share…

Simon Willison’s Weblog: More model releases on 31st July

Jul 31, 2025

—

by

Source URL: https://simonwillison.net/2025/Jul/31/more-models/ Source: Simon Willison’s Weblog Title: More model releases on 31st July Feedly Summary: Here are a few more model releases from today, to round out a very busy July: Cohere released Command A Vision, their first multi-modal (image input) LLM. Like their others it’s open weights under Creative Commons Attribution Non-Commercial, so…

Docker: MCP Horror Stories: The Security Issues Threatening AI Infrastructure

Jul 31, 2025

—

by