Experimental News Clipping Site

Tag: theft

  • The Register: More packages poisoned in npm attack, but would-be crypto thieves left pocket change

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/09/npm_supply_chain_attack/ Source: The Register Title: More packages poisoned in npm attack, but would-be crypto thieves left pocket change Feedly Summary: Miscreants cost victims time rather than money During the two-hour window on Monday in which hijacked npm versions were available for download, malware-laced packages reached one in 10 cloud environments, according to Wiz…

  • Cisco Talos Blog: From summer camp to grind season

    by

    Kurt Seifried
    in

    Source URL: https://blog.talosintelligence.com/from-summer-camp-to-grind-season/ Source: Cisco Talos Blog Title: From summer camp to grind season Feedly Summary: Bill takes thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry. AI Summary and Description: Yes Summary: This text discusses the ongoing evolution of threats related…

  • Schneier on Security: Generative AI as a Cybercrime Assistant

    by

    Kurt Seifried
    in

    Source URL: https://www.schneier.com/blog/archives/2025/09/generative-ai-as-a-cybercrime-assistant.html Source: Schneier on Security Title: Generative AI as a Cybercrime Assistant Feedly Summary: Anthropic reports on a Claude user: We recently disrupted a sophisticated cybercriminal that used Claude Code to commit large-scale theft and extortion of personal data. The actor targeted at least 17 distinct organizations, including in healthcare, the emergency services,…

  • Krebs on Security: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft

    by

    Kurt Seifried
    in

    Source URL: https://krebsonsecurity.com/2025/09/the-ongoing-fallout-from-a-breach-at-ai-chatbot-maker-salesloft/ Source: Krebs on Security Title: The Ongoing Fallout from a Breach at AI Chatbot Maker Salesloft Feedly Summary: The recent mass-theft of authentication tokens from Salesloft, whose AI chatbot is used by a broad swath of corporate America to convert customer interaction into Salesforce leads, has left many companies racing to invalidate…

  • Slashdot: Defense Department Reportedly Relies On Utility Written by Russian Dev

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/08/27/2026245/defense-department-reportedly-relies-on-utility-written-by-russian-dev?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Defense Department Reportedly Relies On Utility Written by Russian Dev Feedly Summary: AI Summary and Description: Yes Summary: The article highlights concerns over the fast-glob utility, widely used in Node.js applications, particularly within U.S. Department of Defense systems. Maintained by a Russian developer with ties to Yandex, the lack…

  • The Register: Salesforce data missing? It might be due to Salesloft breach, Google says

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/08/27/salesforce_salesloft_breach/ Source: The Register Title: Salesforce data missing? It might be due to Salesloft breach, Google says Feedly Summary: Attackers steal OAuth tokens to access third-party sales platform, then CRM data in ‘widespread campaign’ Google says a recent spate of Salesforce-related breaches was caused by attackers stealing OAuth tokens from the third-party Salesloft…

  • Simon Willison’s Weblog: Piloting Claude for Chrome

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Aug/26/piloting-claude-for-chrome/#atom-everything Source: Simon Willison’s Weblog Title: Piloting Claude for Chrome Feedly Summary: Piloting Claude for Chrome Two days ago I said: I strongly expect that the entire concept of an agentic browser extension is fatally flawed and cannot be built safely. Today Anthropic announced their own take on this pattern, implemented as an…