Tag: sensitive data

Source URL: https://www.theregister.com/2025/01/30/amazon_sued_for_snarfing_sensitive/ Source: The Register Title: Amazon sued for allegedly slurping sensitive data via advertising SDK Feedly Summary: Harvesting of location data and other personal info without user consent, lawsuit claims Amazon and its advertising subsidiary have been sued for allegedly collecting personal and location data from third-party mobile apps without obtaining users’ informed…

The Register: Lazarus Group cloned open source projects to plant backdoors, steal credentials

—

by

Source URL: https://www.theregister.com/2025/01/29/lazarus_groups_supply_chain_attack/ Source: The Register Title: Lazarus Group cloned open source projects to plant backdoors, steal credentials Feedly Summary: Stealing crypto is so 2024. Supply-chain attacks leading to data exfil pays off better? North Korea’s Lazarus Group compromised hundreds of victims across the globe in a massive secret-stealing supply chain attack that was ongoing…

Unit 42: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia

—

by

Source URL: https://unit42.paloaltonetworks.com/?p=138128 Source: Unit 42 Title: CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia Feedly Summary: A Chinese-linked espionage campaign targeted entities in South Asia using rare techniques like DNS exfiltration, with the aim to steal sensitive data. The post CL-STA-0048: An Espionage Operation Against High-Value Targets in South Asia appeared first…

Hacker News: Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History

—

by

Source URL: https://www.wiz.io/blog/wiz-research-uncovers-exposed-deepseek-database-leak Source: Hacker News Title: Exposed DeepSeek Database Leaking Sensitive Information, Including Chat History Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text discusses a critical security vulnerability identified in DeepSeek’s publicly accessible ClickHouse database, which exposed sensitive information related to AI operations. Wiz Research’s responsible disclosure of an unprotected database…

Wired: Exposed DeepSeek Database Revealed Chat Prompts and Internal Data

—

by

Source URL: https://www.wired.com/story/exposed-deepseek-database-revealed-chat-prompts-and-internal-data/ Source: Wired Title: Exposed DeepSeek Database Revealed Chat Prompts and Internal Data Feedly Summary: China-based DeepSeek has exploded in popularity, drawing greater scrutiny. Case in point: Security researchers found more than 1 million records, including user data and API keys, in an open database. AI Summary and Description: Yes Summary: The text…

Simon Willison’s Weblog: How we estimate the risk from prompt injection attacks on AI systems

—

by

Source URL: https://simonwillison.net/2025/Jan/29/prompt-injection-attacks-on-ai-systems/ Source: Simon Willison’s Weblog Title: How we estimate the risk from prompt injection attacks on AI systems Feedly Summary: How we estimate the risk from prompt injection attacks on AI systems The “Agentic AI Security Team" at Google DeepMind share some details on how they are researching indirect prompt injection attacks. They…

Hacker News: Microsoft Probing If DeepSeek-Linked Group Improperly Obtained OpenAI Data

—

by

Source URL: https://www.bloomberg.com/news/articles/2025-01-29/microsoft-probing-if-deepseek-linked-group-improperly-obtained-openai-data Source: Hacker News Title: Microsoft Probing If DeepSeek-Linked Group Improperly Obtained OpenAI Data Feedly Summary: Comments AI Summary and Description: Yes Summary: Microsoft and OpenAI are reportedly investigating a potential data exfiltration incident involving their technology linked to a Chinese AI startup, DeepSeek. This raises critical concerns about security and integrity in…

The Register: The curious story of Uncle Sam’s HR dept, a hastily set up email server, and fears of another cyber disaster

—

by

Source URL: https://www.theregister.com/2025/01/29/opm_email_lawsuit/ Source: The Register Title: The curious story of Uncle Sam’s HR dept, a hastily set up email server, and fears of another cyber disaster Feedly Summary: Lawsuit challenges effort to create federal-wide centralized inbox expected to be used for mass firings Two anonymous US government employees have sued Uncle Sam’s HR department…

The Register: SLAP, Apple, and FLOP: Safari, Chrome at risk of data theft on iPhone, Mac Silicon

—

by