Experimental News Clipping Site

Tag: threat

  • Wired: An App Used to Dox Charlie Kirk Critics Doxed Its Own Users Instead

    by

    Kurt Seifried
    in

    Source URL: https://www.wired.com/story/app-used-to-dox-charlie-kirk-critics-doxed-its-own-users-instead/ Source: Wired Title: An App Used to Dox Charlie Kirk Critics Doxed Its Own Users Instead Feedly Summary: Plus: A ransomeware gang steals data on 8,000 preschoolers, Microsoft blocks Israel’s military from using its cloud for surveillance, call-recording app Neon hits pause over security holes, and more. AI Summary and Description: Yes…

  • The Register: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/27/rednovember_chinese_espionage/ Source: The Register Title: Hunt for RedNovember: Beijing hacked critical orgs in year-long snooping campaign Feedly Summary: Not to be confused with all the other reports of Chinese intruders on US networks that came to light this week RedNovember, a Chinese state-sponsored cyberspy group, targeted government and critical private-sector networks around the…

  • Unit 42: Threat Insights: Active Exploitation of Cisco ASA Zero Days

    by

    Kurt Seifried
    in

    Source URL: https://unit42.paloaltonetworks.com/zero-day-vulnerabilities-affect-cisco-software/ Source: Unit 42 Title: Threat Insights: Active Exploitation of Cisco ASA Zero Days Feedly Summary: CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 affect multiple Cisco products, and are being exploited by a threat actor linked to the ArcaneDoor campaign. The post Threat Insights: Active Exploitation of Cisco ASA Zero Days appeared first on Unit 42.…

  • Slashdot: Chinese Hackers Breach US Software and Law Firms Amid Trade Fight

    by

    Kurt Seifried
    in

    Source URL: https://yro.slashdot.org/story/25/09/26/1836203/chinese-hackers-breach-us-software-and-law-firms-amid-trade-fight?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Chinese Hackers Breach US Software and Law Firms Amid Trade Fight Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a sophisticated hacking campaign by suspected Chinese hackers targeting US software developers and law firms, as reported by cybersecurity firm Mandiant. The implications for cloud computing security…

  • Simon Willison’s Weblog: How to stop AI’s “lethal trifecta”

    by

    Kurt Seifried
    in

    Source URL: https://simonwillison.net/2025/Sep/26/how-to-stop-ais-lethal-trifecta/ Source: Simon Willison’s Weblog Title: How to stop AI’s “lethal trifecta” Feedly Summary: How to stop AI’s “lethal trifecta” This is the second mention of the lethal trifecta in the Economist in just the last week! Their earlier coverage was Why AI systems may never be secure on September 22nd – I…

  • The Register: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/26/microsoft_xcsset_macos/ Source: The Register Title: Microsoft spots fresh XCSSET malware strain hiding in Apple dev projects Feedly Summary: Upgraded nasty slips into Xcode builds, steals crypto, and disables macOS defenses The long-running XCSSET malware strain has evolved again, with Microsoft warning of a new macOS variant that expands its bag of tricks while…

  • Slashdot: Meta Launches Vibes, an Endless Feed of AI Slop for Your Viewing Displeasure

    by

    Kurt Seifried
    in

    Source URL: https://tech.slashdot.org/story/25/09/26/1344237/meta-launches-vibes-an-endless-feed-of-ai-slop-for-your-viewing-displeasure?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Meta Launches Vibes, an Endless Feed of AI Slop for Your Viewing Displeasure Feedly Summary: AI Summary and Description: Yes Summary: Meta’s launch of Vibes signifies a step forward in the market of AI-generated content, focusing on user interactivity and personalization within its platform. This development is particularly relevant…

  • The Register: LockBit’s new variant is ‘most dangerous yet,’ hitting Windows, Linux and VMware ESXi

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/26/lockbits_new_variant_is_most/ Source: The Register Title: LockBit’s new variant is ‘most dangerous yet,’ hitting Windows, Linux and VMware ESXi Feedly Summary: Operation Cronos didn’t kill LockBit – it just came back meaner Trend Micro has sounded the alarm over the new LockBit 5.0 ransomware strain, which it warns is “significantly more dangerous" than past…

  • The Register: ‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/09/26/an_apts_playground_goanywhere_perfect10/ Source: The Register Title: ‘An attacker’s playground:’ Crims exploit GoAnywhere perfect-10 bug Feedly Summary: Researchers say tens of thousands of instances remain publicly reachable Security researchers have confirmed that threat actors have exploited the maximum-severity vulnerability affecting Fortra’s GoAnywhere managed file transfer (MFT), and chastised the vendor for a lack of transparency.……

  • Docker: The Trust Paradox: When Your AI Gets Catfished

    by

    Kurt Seifried
    in

    Source URL: https://www.docker.com/blog/mcp-prompt-injection-trust-paradox/ Source: Docker Title: The Trust Paradox: When Your AI Gets Catfished Feedly Summary: The fundamental challenge with MCP-enabled attacks isn’t technical sophistication. It’s that hackers have figured out how to catfish your AI. These attacks work because they exploit the same trust relationships that make your development team actually functional. When your…