I just caught up with this one. In case you haven't seen it:
Security researcher quips maybe it's time to get 'a real job' after being paid meagre $1,000 bug bounty by Apple
h/t, MSN
Friday Squid Blogging: New Vulnerability in Squid HTTP Proxy Server
In a rare squid/security combined post, a new vulnerability was discovered in the Squid HTTP proxy server.... https://www.schneier.com/blog/archives/2025/08/friday-squid-blogging-new-vulnerability-in-squid-http-proxy-server.html
Google Project Zero Changes Its Disclosure Policy
Google’s vulnerability finding team is again pushing the envelope of responsible disclosure:
Google’s Project Zero team will... https://www.schneier.com/blog/archives/2025/08/google-project-zero-changes-its-disclosure-policy.html
Akira and Lynx Ransomware Target MSPs Using Stolen Credentials and Exploited Vulnerabilities https://gbhackers.com/akira-and-lynx-ransomware-target-msps/ #CyberSecurityNews #Vulnerabilities #cybersecurity #Ransomware
#Dam in #Norway had Valve Forced Open for Hours in #Cyberattack
Unidentified hackers breached a Norwegian dam’s control system in April, opening its valve for hours due to a weak password. Learn how simple #vulnerabilities threaten #criticalinfrastructure.
https://hackread.com/norwegian-dam-valve-forced-open-hours-in-cyberattack/
#Lovense Had #Vulnerabilities That #Leaked User #Data by mentaloutlaw #yt #security #privacy
https://www.youtube.com/watch?v=esTWbyEqDWk
Proxy link:
https://invidious.privacyredirect.com/watch?v=esTWbyEqDWk
"BobDaHackers Blog, bobdahacker.com/blog/lovense-still-leaking-user-emails"
Sunday, August 3, 2025
Russian troops resort to ‘total infiltration’ tactics in front-line Pokrovsk — Inside the Battle of Kostiantynivka, as Ukrainian forces brace for three-sided Russian assault — Ukrainian drones target Shahed storage site, industrial facilities in Russia — Ukraine’s drone strike reportedly sparks fire at oil depot in Russia’s Sochi … and more
https://activitypub.writeworks.uk/2025/08/sunday-august-3-2025/
@spocko it’s #conspiracytheory. #Reuters reports #Microsoft is looking into whether a leak from MAPP enabled #Chinese to exploit #SharePoint #vulnerabilities b4 fixes were fully in place. Notifications went out on 6/24, 7/3, and 7/7; attack signs began on 7/7—the same day the final notification was issued. #TrendMicro called it the “likeliest scenario” that someone in the program weaponized that info. They pulled the trigger on the #exploit they had at hand bc time was running out.
Spying on People Through Airportr Luggage Delivery Service
Airportr is a service that allows passengers to have their luggage picked up, checked, and delivered to their destinations. As you might expect, it’s used by wealthy or important people. So if the company’s website is... https://www.schneier.com/blog/archives/2025/08/spying-on-people-through-airportr-luggage-delivery-service.html
Interesting. If on-board SRAM can be kept alive while rebooting the CPU, you can extract information stored in it.
"This paper presents Volt Boot, an attack that demonstrates a vulnerability of on-chip SRAM due to the physical separation common in modern system-on-chip power distribution networks."
NATO warns of state-linked cyberattacks on Europe’s civilian ports, exposing critical gaps in maritime defense https://www.byteseu.com/1236378/ #AccessControl #APTs #CCDCOE #ControlSystems #CriticalInfrastructure #CyberRisks #CyberThreats #cyberattacks #EnergySystem #Europe #ICT #InfrastructureRisks #MaritimeDefense #MaritimeSecurity #MaritimeStrategy #NATO #OT #PhysicalInfrastructure #PortInfrastructure #Ports #TrafficManagement #VesselTraffic #vulnerabilities
Microsoft SharePoint Zero-Day
Chinese hackers are exploiting a high-severity vulnerability in Microsoft SharePoint to steal data worldwid... https://www.schneier.com/blog/archives/2025/07/microsoft-sharepoint-zero-day.html
#vulnerabilities #Uncategorized #Microsoft #exploits #zero-day #hacking
Intruder Open Sources Tool for Testing API Security – Source: securityboulevard.com https://ciso2ciso.com/intruder-open-sources-tool-for-testing-api-security-source-securityboulevard-com/ #SecurityBoulevard(Original) #rssfeedpostgeneratorecho #ApplicationSecurity #CyberSecurityNews #SecurityAwareness #SecurityBoulevard #vulnerabilities #SocialFacebook #SocialLinkedIn #Cybersecurity #Spotlight #FEATURED #SocialX #News
Time to go patch those drivers!
NVIDIA reveal more GPU driver security issues for July 2025
https://www.gamingonlinux.com/2025/07/nvidia-reveal-more-gpu-driver-security-issues-for-july-2025/
#AIslop and fake reports are exhausting #security #bugbounties
The world of #cybersecurity is not immune to this problem. In the last year, people across the cybersecurity industry have raised concerns about #AI #slop #bugbounty reports, meaning reports that claim to have found #vulnerabilities that do not actually exist, because they were created with a #largelanguagemodel (#LLM) that simply made up the #vulnerability, and then packaged it into a professional-looking writeup.
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/
CISA has added two critical SharePoint vulnerabilities (CVE-2025-49704, CVE-2025-49706) to its KEV catalog after reports of active exploitation by Chinese hackers. Immediate patching is essential. Are your systems up to date? #Cybersecurity #Privacy #Vulnerabilities
Read more: https://short.steelefortress.com/jgrfdr
What to know about ToolShell, the SharePoint threat under mass exploitation https://arstechni.ca/UZML #vulnerabilities #SharePoint #toolshell #Security #exploits #Biz&IT
What to know about ToolShell, the SharePoint threat under mass exploitation - Government agencies and private industry have been under sie... - https://arstechnica.com/security/2025/07/what-to-know-about-toolshell-the-sharepoint-threat-under-mass-exploitation/ #vulnerabilities #sharepoint #toolshell #security #exploits #biz&it