Tag: software applications

  • The Register: Clop crew hits Oracle E-Business Suite users with fresh zero-day

    Source URL: https://www.theregister.com/2025/10/06/clop_oracle_ebs_zeroday/ Source: The Register Title: Clop crew hits Oracle E-Business Suite users with fresh zero-day Feedly Summary: Big Red rushes out patch for 9.8-rated flaw after crooks exploit it for data theft and extortion Oracle rushed out an emergency fix over the weekend for a zero-day vulnerability in its E-Business Suite (EBS) that…

  • Cisco Talos Blog: Nvidia and Adobe vulnerabilities

    Source URL: https://blog.talosintelligence.com/nvidia-and-adobe-vulnerabilities/ Source: Cisco Talos Blog Title: Nvidia and Adobe vulnerabilities Feedly Summary: Cisco Talos’ Vulnerability Discovery & Research team recently disclosed five vulnerabilities in Nvidia and one in Adobe Acrobat. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability disclosure policy. For Snort…

  • Simon Willison’s Weblog: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration

    Source URL: https://simonwillison.net/2025/Sep/19/notion-lethal-trifecta/ Source: Simon Willison’s Weblog Title: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Feedly Summary: The Hidden Risk in Notion 3.0 AI Agents: Web Search Tool Abuse for Data Exfiltration Abi Raghuram reports that Notion 3.0, released yesterday, introduces new prompt injection data exfiltration vulnerabilities…

  • Slashdot: Boffins Build Automated Android Bug Hunting System

    Source URL: https://it.slashdot.org/story/25/09/05/196218/boffins-build-automated-android-bug-hunting-system?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Boffins Build Automated Android Bug Hunting System Feedly Summary: AI Summary and Description: Yes Summary: The text discusses an innovative AI-powered bug-hunting agent called A2, developed by researchers from Nanjing University and the University of Sydney. This agent aims to enhance vulnerability discovery in Android apps, achieving significantly higher…

  • The Register: Attackers snooping around Sitecore, dropping malware via public sample keys

    Source URL: https://www.theregister.com/2025/09/04/unknown_miscreants_snooping_around_sitecore/ Source: The Register Title: Attackers snooping around Sitecore, dropping malware via public sample keys Feedly Summary: You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping…

  • The Cloudflare Blog: Securing the AI Revolution: Introducing Cloudflare MCP Server Portals

    Source URL: https://blog.cloudflare.com/zero-trust-mcp-server-portals/ Source: The Cloudflare Blog Title: Securing the AI Revolution: Introducing Cloudflare MCP Server Portals Feedly Summary: Cloudflare MCP Server Portals are now available in Open Beta. MCP Server Portals are a new capability that enables you to centralize, secure, and observe every MCP connection in your organization. AI Summary and Description: Yes…

  • Embrace The Red: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets

    Source URL: https://embracethered.com/blog/posts/2025/windsurf-data-exfiltration-vulnerabilities/ Source: Embrace The Red Title: Hijacking Windsurf: How Prompt Injection Leaks Developer Secrets Feedly Summary: This is the first post in a series exploring security vulnerabilities in Windsurf. If you are unfamiliar with Windsurf, it is a fork of VS Code and the coding agent is called Windsurf Cascade. The attack vectors…

  • The Register: Microsoft crams Copilot AI directly into Excel cells

    Source URL: https://www.theregister.com/2025/08/18/microsoft_adds_copilot_ai_formulas/ Source: The Register Title: Microsoft crams Copilot AI directly into Excel cells Feedly Summary: Meet the new COPILOT function Microsoft, in its ongoing effort to AI-ify every product it has, is now adding it right into the cells of Excel. Available on Monday to beta users of Microsoft 365 Copilot, a new…

  • Embrace The Red: Claude Code: Data Exfiltration with DNS Requests

    Source URL: https://embracethered.com/blog/posts/2025/claude-code-exfiltration-via-dns-requests/ Source: Embrace The Red Title: Claude Code: Data Exfiltration with DNS Requests Feedly Summary: Today we cover Claude Code and a high severity vulnerability that Anthropic fixed in early June. The vulnerability allowed an attacker to hijack Claude Code via indirect prompt injection and leak sensitive information from the developer’s machine, e.g.…