Tag: vulnerability

Source URL: https://simonwillison.net/2025/Sep/23/why-ai-systems-might-never-be-secure/#atom-everything Source: Simon Willison’s Weblog Title: Why AI systems might never be secure Feedly Summary: Why AI systems might never be secure The Economist have a new piece out about LLM security, with this headline and subtitle: Why AI systems might never be secure A “lethal trifecta” of conditions opens them to abuse…

Slashdot: Secure Software Supply Chains, Urges Former Go Lead Russ Cox

Sep 21, 2025

—

by

Source URL: https://developers.slashdot.org/story/25/09/21/0650219/secure-software-supply-chains-urges-former-go-lead-russ-cox?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Secure Software Supply Chains, Urges Former Go Lead Russ Cox Feedly Summary: AI Summary and Description: Yes Summary: The text emphasizes the critical need for enhancing software supply chain security, particularly in the face of ongoing vulnerabilities. It outlines practical solutions, such as adopting software signatures and reproducible builds,…

The Register: ChatGPT joins human league, now solves CAPTCHAs for the right prompt

—

by

Source URL: https://www.theregister.com/2025/09/19/how_to_trick_chatgpt_agents/ Source: The Register Title: ChatGPT joins human league, now solves CAPTCHAs for the right prompt Feedly Summary: Could this bot-prevention technique now be obsolete? ChatGPT can be tricked via cleverly worded prompts to violate its own policies and solve CAPTCHA puzzles, potentially making this human-proving security mechanism obsolete, researchers say.… AI Summary…

Cloud Blog: Strengthen GCE and GKE security with new dashboards powered by Security Command Center

—

by

Source URL: https://cloud.google.com/blog/products/identity-security/new-gce-and-gke-dashboards-strengthen-security-posture/ Source: Cloud Blog Title: Strengthen GCE and GKE security with new dashboards powered by Security Command Center Feedly Summary: As cloud infrastructure evolves, so should how you safeguard that technology. As part of our efforts to help you maintain a strong security posture, we’ve introduced powerful capabilities that can address some of…

Slashdot: This Microsoft Entra ID Vulnerability Could Have Been Catastrophic

—

by

Source URL: https://it.slashdot.org/story/25/09/19/027208/this-microsoft-entra-id-vulnerability-could-have-been-catastrophic?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: This Microsoft Entra ID Vulnerability Could Have Been Catastrophic Feedly Summary: AI Summary and Description: Yes Summary: The text discusses significant vulnerabilities identified in Microsoft’s Entra ID identity platform, which could have potentially granted unauthorized administrative access to Azure accounts. The rapid response from Microsoft following the discovery showcases…

The Register: One token to pwn them all: Entra ID bug could have granted access to every tenant

—

by

Source URL: https://www.theregister.com/2025/09/19/microsoft_entra_id_bug/ Source: The Register Title: One token to pwn them all: Entra ID bug could have granted access to every tenant Feedly Summary: Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him the keys to almost every Entra ID tenant…

The Register: OpenAI plugs ShadowLeak bug in ChatGPT that let miscreants raid inboxes

—

by

Source URL: https://www.theregister.com/2025/09/19/openai_shadowleak_bug/ Source: The Register Title: OpenAI plugs ShadowLeak bug in ChatGPT that let miscreants raid inboxes Feedly Summary: Radware says flaw enabled hidden email prompts to trick Deep Research agent into exfiltrating sensitive data ChatGPT’s research assistant sprung a leak – since patched – that let attackers steal Gmail secrets with just a…

Docker: Docker and CNCF: Partnering to Power the Future of Open Source

Sep 18, 2025

—

by

Source URL: https://www.docker.com/blog/docker-cncf-partnership/ Source: Docker Title: Docker and CNCF: Partnering to Power the Future of Open Source Feedly Summary: At Docker, open source is not just something we support; it’s a core part of our culture. It’s part of our DNA. From foundational projects like Docker Compose (35.5k stars, 5.4k forks) and Moby (69.8k stars,…

Wired: This Microsoft Entra ID Vulnerability Could Have Caused a Digital Catastrophe

Sep 18, 2025

—

by