vectors – Page 4 – Experimental News Clipping Site

The Register: Hungry hyperscalers boosted Cisco’s AI sales by a cool billion bucks

Aug 14, 2025

—

by

Source URL: https://www.theregister.com/2025/08/14/cisco_q4_2025/ Source: The Register Title: Hungry hyperscalers boosted Cisco’s AI sales by a cool billion bucks Feedly Summary: Big Tech is spending vastly more on AI infrastructure but Switchzilla thinks its piece of the pie will be fat and juicy Cisco sold twice as much AI kit as it forecast during its 2025…

Cisco Talos Blog: ReVault! When your SoC turns against you… deep dive edition

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/revault-when-your-soc-turns-against-you-2/ Source: Cisco Talos Blog Title: ReVault! When your SoC turns against you… deep dive edition Feedly Summary: Talos reported 5 vulnerabilities to Broadcom and Dell affecting both the ControlVault3 Firmware and its associated Windows APIs that we are calling “ReVault”. AI Summary and Description: Yes **Summary:** The text conducts an in-depth analysis…

Embrace The Red: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/ Source: Embrace The Red Title: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets Feedly Summary: Another day, another AI data exfiltration exploit. Today we talk about OpenHands, formerly referred to as OpenDevin initially. It’s created by All-Hands AI. OpenHands renders images in chat, which enables zero-click data exfiltration during prompt injection…

Simon Willison’s Weblog: My Lethal Trifecta talk at the Bay Area AI Security Meetup

Aug 9, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://simonwillison.net/2025/Aug/9/bay-area-ai/#atom-everything Source: Simon Willison’s Weblog Title: My Lethal Trifecta talk at the Bay Area AI Security Meetup Feedly Summary: I gave a talk on Wednesday at the Bay Area AI Security Meetup about prompt injection, the lethal trifecta and the challenges of securing systems that use MCP. It wasn’t recorded but I’ve created…

The Register: OpenAI’s GPT-5 is here with up to 80% fewer hallucinations

Aug 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/07/openai_gpt_5/ Source: The Register Title: OpenAI’s GPT-5 is here with up to 80% fewer hallucinations Feedly Summary: That totally makes up for the single-digit benchmark gains, right? OpenAI unveiled its most capable model yet on Thursday with the launch of GPT-5.… AI Summary and Description: Yes Summary: The announcement of OpenAI’s GPT-5 represents…

Embrace The Red: How Devin AI Can Leak Your Secrets Via Multiple Means

Aug 7, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/devin-can-leak-your-secrets/ Source: Embrace The Red Title: How Devin AI Can Leak Your Secrets Via Multiple Means Feedly Summary: In this post we show how an attacker can make Devin send sensitive information to third-party servers, via multiple means. This post assumes that you read the first post about Devin as well. But here…

Embrace The Red: I Spent $500 To Test Devin For Prompt Injection So That You Don’t Have To

Aug 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/devin-i-spent-usd500-to-hack-devin/ Source: Embrace The Red Title: I Spent $500 To Test Devin For Prompt Injection So That You Don’t Have To Feedly Summary: Today we cover Devin from Cognition, the first AI Software Engineer. We will cover Devin proof-of-concept exploits in multiple posts over the next few days. In this first post, we…

Unit 42: When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory

Aug 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/badsuccessor-attack-vector/ Source: Unit 42 Title: When Good Accounts Go Bad: Exploiting Delegated Managed Service Accounts in Active Directory Feedly Summary: BadSuccessor is an attack vector in Windows Server 2025. Under certain conditions it allows privilege elevation via dMSAs. We analyze its mechanics. The post When Good Accounts Go Bad: Exploiting Delegated Managed Service…

Cloud Blog: Spanner columnar engine: Powering next-generation analytics on operational data

Aug 6, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/databases/spanners-columnar-engine-unites-oltp-and-analytics/ Source: Cloud Blog Title: Spanner columnar engine: Powering next-generation analytics on operational data Feedly Summary: For years, organizations have struggled with the workload conflict between online transaction processing (OLTP) and analytical query processing. OLTP systems such as Spanner are optimized for high-volume, low-latency transactions, and use row-oriented storage that’s efficient for individual…

Embrace The Red: Amp Code: Arbitrary Command Execution via Prompt Injection Fixed

Aug 5, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/amp-agents-that-modify-system-configuration-and-escape/ Source: Embrace The Red Title: Amp Code: Arbitrary Command Execution via Prompt Injection Fixed Feedly Summary: Sandbox-escape-style attacks can happen when an AI is able to modify its own configuration settings, such as by writing to configuration files. That was the case with Amp, an agentic coding tool built by Sourcegraph. The…

Tag: vectors