vigilance – Page 8 – Experimental News Clipping Site

The Register: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons

Aug 4, 2025

—

by

Source URL: https://www.theregister.com/2025/08/04/mozilla_add_on_phishing/ Source: The Register Title: Mozilla flags phishing wave aimed at hijacking trusted Firefox add-ons Feedly Summary: Devs told to exercise ‘extreme caution’ with emails disguised as account update prompts Mozilla is warning of an ongoing phishing campaign targeting developers of Firefox add-ons.… AI Summary and Description: Yes Summary: Mozilla has issued a…

Embrace The Red: Turning ChatGPT Codex Into A ZombAI Agent

Aug 2, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/chatgpt-codex-remote-control-zombai/ Source: Embrace The Red Title: Turning ChatGPT Codex Into A ZombAI Agent Feedly Summary: Today we cover ChatGPT Codex as part of the Month of AI Bugs series. ChatGPT Codex is a cloud-based software engineering agent that answers codebase questions, executes code, and drafts pull requests. In particular, this post will demonstrate…

The Register: Rampant emoji use suggests crypto-stealing NPM package was written by AI

Aug 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/08/01/emoji_use_ai_malware/ Source: The Register Title: Rampant emoji use suggests crypto-stealing NPM package was written by AI Feedly Summary: Kodane code was either machine-generated or done by a teenager An NPM package packed with cryptocurrency-stealing malware appears to have been largely AI-generated, as evidenced by its liberal use of emojis and other telltale signs.……

Embrace The Red: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection

Aug 1, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/chatgpt-chat-history-data-exfiltration/ Source: Embrace The Red Title: Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection Feedly Summary: In this post we demonstrate how a bypass in OpenAI’s “safe URL” rendering feature allows ChatGPT to send personal information to a third-party server. This can be exploited by an adversary via a prompt injection…

Anton on Security – Medium: Google Cloud Security Threat Horizons Report #12 Is Out!

Jul 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://medium.com/anton-on-security/google-cloud-security-threat-horizons-report-12-is-out-6e84e700467f?source=rss—-8e8c3ed26c4c—4 Source: Anton on Security – Medium Title: Google Cloud Security Threat Horizons Report #12 Is Out! Feedly Summary: AI Summary and Description: Yes Summary: The text discusses insights from Google Cloud’s Threat Horizons Report #12, focusing on key security vulnerabilities in cloud environments. It highlights the persistent exploitation of issues like credential…

The Register: Silk Typhoon spun a web of patents for offensive cyber tools, report says

Jul 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://www.theregister.com/2025/07/31/silk_typhoon_attack_patents/ Source: The Register Title: Silk Typhoon spun a web of patents for offensive cyber tools, report says Feedly Summary: US court docs reveal that infamous Chinese snoops filed IP papers like tax returns Security researchers have uncovered more than a dozen patents for offensive cybersecurity tools filed by Chinese companies allegedly tied…

Cisco Talos Blog: IR Trends Q2 2025: Phishing attacks persist as actors leverage compromised valid accounts to enhance legitimacy

Jul 31, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://blog.talosintelligence.com/ir-trends-q2-2025/ Source: Cisco Talos Blog Title: IR Trends Q2 2025: Phishing attacks persist as actors leverage compromised valid accounts to enhance legitimacy Feedly Summary: Phishing remained the top initial access method in Q2 2025, while ransomware incidents see the emergence of new Qilin tactics. AI Summary and Description: Yes **Summary:** The text provides…

Cloud Blog: Cloud CISO Perspectives: Going beyond 2FA to address fast-rising, emerging threats

Jul 30, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://cloud.google.com/blog/products/identity-security/cloud-ciso-perspectives-adding-new-layered-protections-to-2fa/ Source: Cloud Blog Title: Cloud CISO Perspectives: Going beyond 2FA to address fast-rising, emerging threats Feedly Summary: Welcome to the second Cloud CISO Perspectives for July 2025. Today, Andy Wen, director, product management, Workspace Security, discusses new efforts we’re making to defend against identity-based cyberattacks.As with all Cloud CISO Perspectives, the contents…

Unit 42: The Covert Operator’s Playbook: Infiltration of Global Telecom Networks

Jul 29, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://unit42.paloaltonetworks.com/infiltration-of-global-telecom-networks/ Source: Unit 42 Title: The Covert Operator’s Playbook: Infiltration of Global Telecom Networks Feedly Summary: Recent activity targeting telecom infrastructure is assessed with high confidence to overlap with Liminal Panda activity. The actors used custom tools, tunneling and OPSEC tactics for stealth. The post The Covert Operator’s Playbook: Infiltration of Global Telecom…

Embrace The Red: The Month of AI Bugs 2025

Jul 28, 2025

—

by

Kurt Seifried

in Uncategorized

Source URL: https://embracethered.com/blog/posts/2025/announcement-the-month-of-ai-bugs/ Source: Embrace The Red Title: The Month of AI Bugs 2025 Feedly Summary: This year I spent a lot of time reviewing, exploiting and working with vendors to fix vulnerabilities in agentic AI systems. As a result, I’m excited to announce the Month of AI Bugs 2025! Goal Of The Initiative The…

Tag: vigilance