Tag: unauthorized access
-
The Register: ‘Limited’ data leak at Aussie telco turns out to be 280K customer details
Source URL: https://www.theregister.com/2025/08/20/tpg_telecom_iinet_breach/ Source: The Register Title: ‘Limited’ data leak at Aussie telco turns out to be 280K customer details Feedly Summary: iiNet breach blamed on single stolen login, with emails, phone numbers, and addresses exposed Aussie telco giant TPG Telecom has opened an investigation after confirming a cyberattack at subsidiary iiNet.… AI Summary and…
-
The Register: Intel ghosts researcher who found web apps spilled 270K staff records
Source URL: https://www.theregister.com/2025/08/20/intel_website_flaws/ Source: The Register Title: Intel ghosts researcher who found web apps spilled 270K staff records Feedly Summary: Chipzilla quietly fixed the problems without responding to the person who found them Security boffin Eaton Zveare has highlighted some serious holes in the online infrastructure of chip giant Intel – walking through services with…
-
The Register: Don’t want drive-by Ollama attackers snooping on your local chats? Patch now
Source URL: https://www.theregister.com/2025/08/19/ollama_driveby_attack/ Source: The Register Title: Don’t want drive-by Ollama attackers snooping on your local chats? Patch now Feedly Summary: Reconfigure local app settings via a ‘simple’ POST request A now-patched flaw in popular AI model runner Ollama allows drive-by attacks in which a miscreant uses a malicious website to remotely target people’s personal…
-
The Register: Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in
Source URL: https://www.theregister.com/2025/08/19/apache_activemq_patch_malware/ Source: The Register Title: Like burglars closing a door, Apache ActiveMQ attackers patch critical vuln after breaking in Feedly Summary: Intruders hoped no one would notice their presence Criminals exploiting a critical vulnerability in open source Apache ActiveMQ middleware are fixing the flaw that allowed them access, after establishing persistence on Linux…
-
Cloud Blog: Announcing new capabilities for enabling defenders and securing AI innovation
Source URL: https://cloud.google.com/blog/products/identity-security/security-summit-2025-enabling-defenders-and-securing-ai-innovation/ Source: Cloud Blog Title: Announcing new capabilities for enabling defenders and securing AI innovation Feedly Summary: AI presents an unprecedented opportunity for organizations to redefine their security posture and reduce the greatest amount of risk for the investment. From proactively finding zero-day vulnerabilities to processing vast amounts of threat intelligence data in…
-
The Register: Uncle Sam asks industry if it has AI that’ll make procurement suck less
Source URL: https://www.theregister.com/2025/08/19/us_government_ai_procurement/ Source: The Register Title: Uncle Sam asks industry if it has AI that’ll make procurement suck less Feedly Summary: Plan includes chatbots ‘with full user context and data access’ – what could go wrong? US government buyers have been busy getting AI into the hands of federal agencies, and now they’re taking…
-
Embrace The Red: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection
Source URL: https://embracethered.com/blog/posts/2025/amazon-q-developer-data-exfil-via-dns/ Source: Embrace The Red Title: Amazon Q Developer: Secrets Leaked via DNS and Prompt Injection Feedly Summary: The next three posts will cover high severity vulnerabilities in the Amazon Q Developer VS Code Extension (Amazon Q), which is a very popular coding agent, with over 1 million downloads. It is vulnerable to…
-
Slashdot: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos
Source URL: https://it.slashdot.org/story/25/08/18/0550252/male-oriented-app-teaonher-also-had-security-flaws-that-could-leak-mens-drivers-license-photos?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Male-Oriented App ‘TeaOnHer’ Also Had Security Flaws That Could Leak Men’s Driver’s License Photos Feedly Summary: AI Summary and Description: Yes Summary: The text discusses data breaches and security flaws in two dating-advice apps, focusing on the implications of such incidents for user privacy and corporate liability. These issues…
-
The Register: Typhoon-adjacent Chinese crew broke into Taiwanese web host
Source URL: https://www.theregister.com/2025/08/15/typhoonadjacent_chinese_crew_taiwan_web_servers/ Source: The Register Title: Typhoon-adjacent Chinese crew broke into Taiwanese web host Feedly Summary: Is that a JuicyPotato on your network? A suspected Chinese-government-backed cyber crew recently broke into a Taiwanese web hosting provider to steal credentials and plant backdoors for long-term access, using a mix of open-source and custom software tools,…
-
The Register: Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole
Source URL: https://www.theregister.com/2025/08/15/cisco_secure_firewall_management_bug/ Source: The Register Title: Cisco’s Secure Firewall Management Center now not-so secure, springs a CVSS 10 RCE hole Feedly Summary: Switchzilla’s summer of perfect 10s Cisco has issued a patch for a maximum-severity bug in its Secure Firewall Management Center (FMC) software that could allow an unauthenticated, remote attacker to inject arbitrary…