Tag: uth

  • Schneier on Security: GPT-4o-mini Falls for Psychological Manipulation

    Source URL: https://www.schneier.com/blog/archives/2025/09/gpt-4o-mini-falls-for-psychological-manipulation.html Source: Schneier on Security Title: GPT-4o-mini Falls for Psychological Manipulation Feedly Summary: Interesting experiment: To design their experiment, the University of Pennsylvania researchers tested 2024’s GPT-4o-mini model on two requests that it should ideally refuse: calling the user a jerk and giving directions for how to synthesize lidocaine. The researchers created experimental…

  • The Register: Attackers snooping around Sitecore, dropping malware via public sample keys

    Source URL: https://www.theregister.com/2025/09/04/unknown_miscreants_snooping_around_sitecore/ Source: The Register Title: Attackers snooping around Sitecore, dropping malware via public sample keys Feedly Summary: You cut and pasted the machine key from the official documentation? Ouch Unknown miscreants are exploiting a configuration vulnerability in multiple Sitecore products to achieve remote code execution via a publicly exposed key and deploy snooping…

  • Cisco Talos Blog: From summer camp to grind season

    Source URL: https://blog.talosintelligence.com/from-summer-camp-to-grind-season/ Source: Cisco Talos Blog Title: From summer camp to grind season Feedly Summary: Bill takes a thoughtful look at the transition from summer camp to grind season, explores the importance of mental health and reflects on AI psychiatry. AI Summary and Description: Yes Summary: This text discusses the ongoing evolution of threats related…

  • The Cloudflare Blog: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1

    Source URL: https://blog.cloudflare.com/unauthorized-issuance-of-certificates-for-1-1-1-1/ Source: The Cloudflare Blog Title: Addressing the unauthorized issuance of multiple TLS certificates for 1.1.1.1 Feedly Summary: Unauthorized TLS certificates were issued for 1.1.1.1 by a Certification Authority without permission from Cloudflare. These rogue certificates have now been revoked. AI Summary and Description: Yes Summary: The text describes a serious incident involving…

  • Slashdot: New AI Model Turns Photos Into Explorable 3D Worlds, With Caveats

    Source URL: https://news.slashdot.org/story/25/09/03/2312210/new-ai-model-turns-photos-into-explorable-3d-worlds-with-caveats?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New AI Model Turns Photos Into Explorable 3D Worlds, With Caveats Feedly Summary: AI Summary and Description: Yes Summary: Tencent’s release of HunyuanWorld-Voyager, an open-weights AI model for generating 3D-consistent video sequences from single images, represents a significant advancement in generative AI technology. Despite its limitations, this innovation has…

  • The Register: France fines Google, SHEIN, for undercooked Cookie policies that led to crummy privacy

    Source URL: https://www.theregister.com/2025/09/04/france_google_shein_cookie_fines/ Source: The Register Title: France fines Google, SHEIN, for undercooked Cookie policies that led to crummy privacy Feedly Summary: Web giant and Chinese e-tailer whacked for dropping trackers without permission France’s data protection authority levied massive fines against Google and SHEIN for dropping cookies on customers without securing their permission, and also…

  • The Register: Congressional panel throws cyber threat intel-sharing, funding a lifeline

    Source URL: https://www.theregister.com/2025/09/04/cyber_threat_intelsharing_funding_lifeline/ Source: The Register Title: Congressional panel throws cyber threat intel-sharing, funding a lifeline Feedly Summary: Clock is ticking US security leaders have urged lawmakers to reauthorize two key pieces of cyber legislation, including one that facilitates threat-intel sharing between the private sector and federal government, before they expire at the end of…

  • Schneier on Security: Indirect Prompt Injection Attacks Against LLM Assistants

    Source URL: https://www.schneier.com/blog/archives/2025/09/indirect-prompt-injection-attacks-against-llm-assistants.html Source: Schneier on Security Title: Indirect Prompt Injection Attacks Against LLM Assistants Feedly Summary: Really good research on practical attacks against LLM agents. “Invitation Is All You Need! Promptware Attacks Against LLM-Powered Assistants in Production Are Practical and Dangerous” Abstract: The growing integration of LLMs into applications has introduced new security risks,…

  • Unit 42: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust

    Source URL: https://unit42.paloaltonetworks.com/model-namespace-reuse/ Source: Unit 42 Title: Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model Name Trust Feedly Summary: Model namespace reuse is a potential security risk in the AI supply chain. Attackers can misuse platforms like Hugging Face for remote code execution. The post Model Namespace Reuse: An AI Supply-Chain Attack Exploiting Model…