Experimental News Clipping Site

Tag: vulnerability

  • Alerts: CISA Adds One Known Exploited Vulnerability to Catalog

    by

    Kurt Seifried
    in

    Source URL: https://www.cisa.gov/news-events/alerts/2025/03/31/cisa-adds-one-known-exploited-vulnerability-catalog Source: Alerts Title: CISA Adds One Known Exploited Vulnerability to Catalog Feedly Summary: CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2024-20439 Cisco Smart Licensing Utility Static Credential Vulnerability These types of vulnerabilities are frequent attack vectors for malicious cyber actors and pose…

  • Microsoft Security Blog: Analyzing open-source bootloaders: Finding vulnerabilities faster with AI

    by

    Kurt Seifried
    in

    Source URL: https://www.microsoft.com/en-us/security/blog/2025/03/31/analyzing-open-source-bootloaders-finding-vulnerabilities-faster-with-ai/ Source: Microsoft Security Blog Title: Analyzing open-source bootloaders: Finding vulnerabilities faster with AI Feedly Summary: Using Microsoft Security Copilot to expedite the discovery process, Microsoft has uncovered several vulnerabilities in multiple open-source bootloaders impacting all operating systems relying on Unified Extensible Firmware Interface (UEFI) Secure Boot. Through a series of prompts, we…

  • The Register: Oracle Health reportedly warns of info leak from legacy server

    by

    Kurt Seifried
    in

    Source URL: https://www.theregister.com/2025/03/30/infosec_news_in_brief/ Source: The Register Title: Oracle Health reportedly warns of info leak from legacy server Feedly Summary: PLUS: OpenAI bumps bug bounties bigtime; INTERPOL arrests 300 alleged cyber-scammers; And more! Infosec in brief Oracle Health appears to have fallen victim to an info stealing attack that has led to patient data stored by…

  • Hacker News: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED)

    by

    Kurt Seifried
    in

    Source URL: https://www.praetorian.com/blog/codeqleaked-public-secrets-exposure-leads-to-supply-chain-attack-on-github-codeql/ Source: Hacker News Title: GitHub CodeQL Actions Critical Supply Chain Vulnerability (CodeQLEAKED) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses a potential supply chain attack on GitHub’s CodeQL due to a publicly exposed GitHub token, emphasizing risks associated with CI/CD vulnerabilities. It highlights how such a breach could…

  • Slashdot: Nearly 1.5 Million Private Photos from Five Dating Apps Were Exposed Online

    by

    Kurt Seifried
    in

    Source URL: https://yro.slashdot.org/story/25/03/30/0236216/nearly-15-million-private-photos-from-five-dating-apps-were-exposed-online Source: Slashdot Title: Nearly 1.5 Million Private Photos from Five Dating Apps Were Exposed Online Feedly Summary: AI Summary and Description: Yes Summary: The text reveals a significant security breach concerning nearly 1.5 million explicit images from specialist dating apps being stored unprotected online, making them susceptible to unauthorized access. The incident…

  • Hacker News: We hacked Google’s A.I Gemini and leaked its source code (at least some part)

    by

    Kurt Seifried
    in

    Source URL: https://www.landh.tech/blog/20250327-we-hacked-gemini-source-code/ Source: Hacker News Title: We hacked Google’s A.I Gemini and leaked its source code (at least some part) Feedly Summary: Comments AI Summary and Description: Yes Summary: The text discusses the hacker team’s experience at the Google LLM bugSWAT event, focusing on their discovery of vulnerabilities in Google’s Gemini AI model. The…