Tag: zero-click
-
Slashdot: WhatsApp Fixes ‘Zero-Click’ Bug Used To Hack Apple Users With Spyware
Source URL: https://it.slashdot.org/story/25/08/29/2020202/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: WhatsApp Fixes ‘Zero-Click’ Bug Used To Hack Apple Users With Spyware Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a recently patched security bug in WhatsApp that was exploited to perform a sophisticated, zero-click attack on iOS and Mac devices. This highlights critical vulnerabilities in popular…
-
Embrace The Red: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets
Source URL: https://embracethered.com/blog/posts/2025/openhands-the-lethal-trifecta-strikes-again/ Source: Embrace The Red Title: OpenHands and the Lethal Trifecta: Leaking Your Agent’s Secrets Feedly Summary: Another day, another AI data exfiltration exploit. Today we talk about OpenHands, formerly referred to as OpenDevin initially. It’s created by All-Hands AI. OpenHands renders images in chat, which enables zero-click data exfiltration during prompt injection…
-
Krebs on Security: Senator Chides FBI for Weak Advice on Mobile Security
Source URL: https://krebsonsecurity.com/2025/06/senator-chides-fbi-for-weak-advice-on-mobile-security/ Source: Krebs on Security Title: Senator Chides FBI for Weak Advice on Mobile Security Feedly Summary: Agents with the Federal Bureau of Investigation (FBI) briefed Capitol Hill staff recently on hardening the security of their mobile devices, after a contacts list stolen from the personal phone of the White House Chief of…
-
The Register: Apple fixes zero-click exploit underpinning Paragon spyware attacks
Source URL: https://www.theregister.com/2025/06/13/apple_fixes_zeroclick_exploit_underpinning/ Source: The Register Title: Apple fixes zero-click exploit underpinning Paragon spyware attacks Feedly Summary: Zero-day potentially tied to around 100 suspected infections in 2025 and a spyware scandal on the continent Apple has updated its iOS/iPadOS 18.3.1 documentation, confirming it introduced fixes for the zero-click vulnerability used to infect journalists with Paragon’s…
-
Simon Willison’s Weblog: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot
Source URL: https://simonwillison.net/2025/Jun/11/echoleak/ Source: Simon Willison’s Weblog Title: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Feedly Summary: Breaking down ‘EchoLeak’, the First Zero-Click AI Vulnerability Enabling Data Exfiltration from Microsoft 365 Copilot Aim Labs reported CVE-2025-32711 against Microsoft 365 Copilot back in January, and the fix is…
-
Slashdot: Cloudflare CEO: AI Is Killing the Business Model of the Web
Source URL: https://tech.slashdot.org/story/25/05/08/1952225/cloudflare-ceo-ai-is-killing-the-business-model-of-the-web?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: Cloudflare CEO: AI Is Killing the Business Model of the Web Feedly Summary: AI Summary and Description: Yes Summary: Matthew Prince, the CEO of Cloudflare, highlighted significant concerns regarding the future of the web’s economic model due to the rise of AI, particularly in the context of content creation…
-
Cisco Talos Blog: Understanding the challenges of securing an NGO
Source URL: https://blog.talosintelligence.com/understanding-the-challenges-of-securing-an-ngo/ Source: Cisco Talos Blog Title: Understanding the challenges of securing an NGO Feedly Summary: Joe talks about how helping the helpers can put a fire in you and the importance of keeping nonprofits cybersecure. AI Summary and Description: Yes Summary: The text outlines a Threat Source newsletter discussing cybersecurity challenges faced by…
-
Cloud Blog: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis
Source URL: https://cloud.google.com/blog/topics/threat-intelligence/2024-zero-day-trends/ Source: Cloud Blog Title: Hello 0-Days, My Old Friend: A 2024 Zero-Day Exploitation Analysis Feedly Summary: Written by: Casey Charrier, James Sadowski, Clement Lecigne, Vlad Stolyarov Executive Summary Google Threat Intelligence Group (GTIG) tracked 75 zero-day vulnerabilities exploited in the wild in 2024, a decrease from the number we identified in 2023…
-
Hacker News: Blasting Past WebP – An analysis of the NSO BLASTPASS iMessage exploit
Source URL: https://googleprojectzero.blogspot.com/2025/03/blasting-past-webp.html Source: Hacker News Title: Blasting Past WebP – An analysis of the NSO BLASTPASS iMessage exploit Feedly Summary: Comments AI Summary and Description: Yes **Summary:** The text provides an in-depth analysis of the NSO Group’s zero-click exploit, known as BLASTPASS, which targets vulnerabilities in Apple’s iOS, specifically focusing on how manipulative content…
-
Schneier on Security: Report on Paragon Spyware
Source URL: https://www.schneier.com/blog/archives/2025/03/report-on-paragon-spyware.html Source: Schneier on Security Title: Report on Paragon Spyware Feedly Summary: Citizen Lab has a new report on Paragon’s spyware: Key Findings: Introducing Paragon Solutions. Paragon Solutions was founded in Israel in 2019 and sells spyware called Graphite. The company differentiates itself by claiming it has safeguards to prevent the kinds of…