Tag: vulnerability

  • The Register: Oracle Health reportedly warns of info leak from legacy server

    Source URL: https://www.theregister.com/2025/03/30/infosec_news_in_brief/
    Source: The Register
    Title: Oracle Health reportedly warns of info leak from legacy server
    Feedly Summary: PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more! Infosec in brief Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by…

  • Hacker News: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)

    Source URL: https://www.praetorian.com/blog/codeqleaked-public-secrets-exposure-leads-to-supply-chain-attack-on-github-codeql/
    Source: Hacker News
    Title: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The text discusses a potential supply chain attack on GitHub’s CodeQL due to a publicly exposed GitHub token, emphasizing risks associated with CI/CD vulnerabilities. It highlights how such a breach could…

  • Slashdot: Nearly 1.5 Million Private Photos from Five Dating Apps Were Exposed Online

    Source URL: https://yro.slashdot.org/story/25/03/30/0236216/nearly-15-million-private-photos-from-five-dating-apps-were-exposed-online
    Source: Slashdot
    Title: Nearly 1.5 Million Private Photos from Five Dating Apps Were Exposed Online
    Feedly Summary:
    AI Summary and Description: Yes
    Summary: The text reveals a significant security breach concerning nearly 1.5 million explicit images from specialist dating apps being stored unprotected online, making them susceptible to unauthorized access. The incident…

  • Hacker News: We hacked Google’s A.I Gemini and leaked its source code (at least some part)

    Source URL: https://www.landh.tech/blog/20250327-we-hacked-gemini-source-code/
    Source: Hacker News
    Title: We hacked Google’s A.I Gemini and leaked its source code (at least some part)
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The text discusses the hacker team’s experience at the Google LLM bugSWAT event, focusing on their discovery of vulnerabilities in Google’s Gemini AI model. The…

  • Hacker News: Gemini hackers can deliver more potent attacks with a helping hand from Gemini

    Source URL: https://arstechnica.com/security/2025/03/gemini-hackers-can-deliver-more-potent-attacks-with-a-helping-hand-from-gemini/
    Source: Hacker News
    Title: Gemini hackers can deliver more potent attacks with a helping hand from Gemini
    Feedly Summary: Comments
    AI Summary and Description: Yes
    Summary: The provided text discusses the emerging threat of indirect prompt injection attacks on large language models (LLMs) like OpenAI’s GPT-3, GPT-4, and Google’s Gemini. It outlines…

  • Anchore: Generating SBOMs for JavaScript Projects: A Developer’s Guide

    Source URL: https://anchore.com/blog/javascript-sbom-generation/
    Source: Anchore
    Title: Generating SBOMs for JavaScript Projects: A Developer’s Guide
    Feedly Summary: Let’s be honest: modern JavaScript projects can feel like a tangled web of packages. Knowing exactly what’s in your final build is crucial, especially with rising security concerns. That’s where a Software Bill of Materials (SBOM) comes in handy…

  • The Register: After Chrome patches zero-day used to target Russians, Firefox splats similar bug

    Source URL: https://www.theregister.com/2025/03/28/google_kaspersky_mozilla/
    Source: The Register
    Title: After Chrome patches zero-day used to target Russians, Firefox splats similar bug
    Feedly Summary: Single click on a phishing link in Google browser blew up sandbox on Windows Google pushed out an emergency patch for Chrome on Windows this week to stop attackers exploiting a sandbox-breaking zero-day vulnerability,…