Tag: software systems
-
The Register: Clop-linked crims shake down Oracle execs with data theft claims
Source URL: https://www.theregister.com/2025/10/02/clop_oracle_extortion/ Source: The Register Title: Clop-linked crims shake down Oracle execs with data theft claims Feedly Summary: Extortion emails name-drop Big Red’s E-Business Suite, though Google and Mandiant yet to find proof of any breach Criminals with potential links to the notorious Clop ransomware mob are bombarding Oracle execs with extortion emails, claiming…
-
The Register: Socket will block it with free malicious package firewall
Source URL: https://www.theregister.com/2025/09/30/socket_will_block_it_with/ Source: The Register Title: Socket will block it with free malicious package firewall Feedly Summary: “sfw" stands for Socket Firewall, but perhaps also "safe for work." Software security biz Socket has released a free command line tool to defend developers against supply chain attacks.… AI Summary and Description: Yes Summary: The text…
-
The Register: Critical, make-me-super-user SAP S/4HANA bug under active exploitation
Source URL: https://www.theregister.com/2025/09/05/critical_sap_s4hana_bug_exploited/ Source: The Register Title: Critical, make-me-super-user SAP S/4HANA bug under active exploitation Feedly Summary: 9.9-rated flaw on the loose, so patch now A critical code-injection bug in SAP S/4HANA that allows low-privileged attackers to take over your SAP system is being actively exploited, according to security researchers.… AI Summary and Description: Yes…
-
The Register: Perplexity’s Comet browser naively processed pages with evil instructions
Source URL: https://www.theregister.com/2025/08/20/perplexity_comet_browser_prompt_injection/ Source: The Register Title: Perplexity’s Comet browser naively processed pages with evil instructions Feedly Summary: Rival Brave flags prompt injection vulnerability, now patched To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.… AI Summary and Description: Yes Summary: The text discusses a recently…
-
Schneier on Security: Subverting AIOps Systems Through Poisoned Input Data
Source URL: https://www.schneier.com/blog/archives/2025/08/subverting-aiops-systems-through-poisoned-input-data.html Source: Schneier on Security Title: Subverting AIOps Systems Through Poisoned Input Data Feedly Summary: In this input integrity attack against an AI system, researchers were able to fool AIOps tools: AIOps refers to the use of LLM-based agents to gather and analyze application telemetry, including system logs, performance metrics, traces, and alerts,…
-
The Register: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks
Source URL: https://www.theregister.com/2025/08/11/russias_romcom_among_those_exploiting/ Source: The Register Title: Russia’s RomCom among those exploiting a WinRAR 0-day in highly-targeted attacks Feedly Summary: A few weeks earlier ‘zeroplayer’ advertised an $80K WinRAR 0-day exploit Russia-linked attackers found and exploited a high-severity WinRAR vulnerability before the maintainers of the Windows file archiver issued a fix.… AI Summary and Description:…
-
Slashdot: Microsoft Used China-Based Engineers to Support Product Recently Hacked by China
Source URL: https://it.slashdot.org/story/25/08/04/1429251/microsoft-used-china-based-engineers-to-support-product-recently-hacked-by-china?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Microsoft Used China-Based Engineers to Support Product Recently Hacked by China Feedly Summary: AI Summary and Description: Yes Summary: The text reports on a security breach involving Chinese state-sponsored hackers exploiting SharePoint vulnerabilities, impacting numerous organizations, including U.S. government agencies. Notably, it mentions that this software, maintained by China-based…