Tag: systems

—

by

Source URL: https://it.slashdot.org/story/25/08/09/1947230/google-says-its-ai-based-bug-hunter-found-20-security-vulnerabilities Source: Slashdot Title: Google Says Its AI-Based Bug Hunter Found 20 Security Vulnerabilities Feedly Summary: AI Summary and Description: Yes Summary: Google’s Big Sleep, an LLM-based vulnerability researcher, reported 20 vulnerabilities in popular open-source software, marking a significant advancement in automated vulnerability discovery. This highlights the increasing efficacy of AI tools in…

Simon Willison’s Weblog: Quoting Ethan Mollick

—

by

Source URL: https://simonwillison.net/2025/Aug/9/ethan-mollick/#atom-everything Source: Simon Willison’s Weblog Title: Quoting Ethan Mollick Feedly Summary: The issue with GPT-5 in a nutshell is that unless you pay for model switching & know to use GPT-5 Thinking or Pro, when you ask “GPT-5” you sometimes get the best available AI & sometimes get one of the worst AIs…

Cisco Talos Blog: ReVault! When your SoC turns against you… deep dive edition

—

by

Source URL: https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you-2/ Source: Cisco Talos Blog Title: ReVault! When your SoC turns against you… deep dive edition Feedly Summary: Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”. AI Summary and Description: Yes **Summary:** The text conducts an in-depth analysis…

Embrace The Red: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets

—

by

Source URL: https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/ Source: Embrace The Red Title: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets Feedly Summary: Another day, another AI data exfiltration exploit. Today we talk about OpenHands, formerly referred to as OpenDevin initially. It’s created by All-Hands AI. OpenHands renders images in chat, which enables zero-click data exfiltration during prompt injection…

AlgorithmWatch: The AI Revolution Comes With the Exploitation of Gig Workers

—

by

Source URL: https://algorithmwatch.org/en/ai-revolution-exploitation-gig-workers/ Source: AlgorithmWatch Title: The AI Revolution Comes With the Exploitation of Gig Workers Feedly Summary: Business process outsourcing (BPO) companies manage the human work behind AI development. However, they face accusations of worker exploitation, underpayment and wage theft. Big tech companies benefit from this work model. AI Summary and Description: Yes **Summary**:…

Simon Willison’s Weblog: When a Jira Ticket Can Steal Your Secrets

—

by

Source URL: https://simonwillison.net/2025/Aug/9/when-a-jira-ticket-can-steal-your-secrets/ Source: Simon Willison’s Weblog Title: When a Jira Ticket Can Steal Your Secrets Feedly Summary: When a Jira Ticket Can Steal Your Secrets Zenity Labs describe a classic lethal trifecta attack, this time against Cursor, MCP, Jira and Zendesk. They also have a short video demonstrating the issue. Zendesk support emails are…

Simon Willison’s Weblog: My Lethal Trifecta talk at the Bay Area AI Security Meetup

—

by

Source URL: https://simonwillison.net/2025/Aug/9/bay-area-ai/#atom-everything Source: Simon Willison’s Weblog Title: My Lethal Trifecta talk at the Bay Area AI Security Meetup Feedly Summary: I gave a talk on Wednesday at the Bay Area AI Security Meetup about prompt injection, the lethal trifecta and the challenges of securing systems that use MCP. It wasn’t recorded but I’ve created…

Slashdot: Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ For Enterprise

—

by

Source URL: https://it.slashdot.org/story/25/08/08/2113251/red-teams-jailbreak-gpt-5-with-ease-warn-its-nearly-unusable-for-enterprise?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Red Teams Jailbreak GPT-5 With Ease, Warn It’s ‘Nearly Unusable’ For Enterprise Feedly Summary: AI Summary and Description: Yes Summary: The text highlights significant security vulnerabilities in the newly released GPT-5 model, noting that it was easily jailbroken within a short timeframe. The results from different red teaming efforts…

The Cloudflare Blog: Redesigning Workers KV for increased availability and faster performance

Aug 8, 2025

—

by