Data Safety and Information Security

Data Safety and Information Security

Clone This Repo and I Own Your Machine
Clone This Repo and I Own Your Machine
Indirect prompt injection in agentic coding tools can lead to full system compromise because authorized tools allow LLMs to run shell commands, access files, and make network calls without clear user visibility. An attacker can gain code execution using a completely normal looking repository by chaining trusted setup instructions, routine error handling, and automated agent behavior. The malicious payload does not exist in the repository at all and is instead fetched at runtime from a DNS TXT record, making it invisible to code review, static scanners, and even the agent itself. The result is a reverse shell running as the developer’s own user, exposing credentials, API keys, and allowing persistence, all triggered by the agent attempting to fix a harmless looking setup error.
·0din.ai·
Clone This Repo and I Own Your Machine
On Lazy Secrets Management · @radekmie’s take on IT and stuff
On Lazy Secrets Management · @radekmie’s take on IT and stuff
If you’re lazy like me, consider doing the bare minimum and do not keep plain text secrets in your repo. Here’s a basic workflow that encrypts them with SSH keys.
·radekmie.dev·
On Lazy Secrets Management · @radekmie’s take on IT and stuff
Security Tip: Have You Heard Of Slopsquatting?
Security Tip: Have You Heard Of Slopsquatting?
[Tip #132] Your AI agent hallucinates a package name, confidently installs it, and keeps working - except an attacker registered that exact name, packed with malware. Welcome to slopsquatting.
·securinglaravel.com·
Security Tip: Have You Heard Of Slopsquatting?
How Do You Know When an AI Agent Has Gone Rogue? | Built In
How Do You Know When an AI Agent Has Gone Rogue? | Built In
Discover why traditional guardrails fail to stop AI agent breaches. This deep dive analyzes the 5 stages of agent failure — from prompt injection to memory poisoning — and why execution must remain deterministic.
·builtin.com·
How Do You Know When an AI Agent Has Gone Rogue? | Built In
OpenAPI Security Schemes Explained
OpenAPI Security Schemes Explained
The OpenAPI specification can seem quite complex. It is a large document with many details and edge cases to keep in mind, especially if…
·medium.com·
OpenAPI Security Schemes Explained
I Could've Rickrolled the Entire FIFA World Cup. All I Needed Was My ID.
I Could've Rickrolled the Entire FIFA World Cup. All I Needed Was My ID.
How I found that anyone could register on FIFA's public Agent Platform, gain access to the Football Data Platform's Streaming Management panel, and get RTMP ingest URLs and stream keys for every live FIFA World Cup 2026 camera feed. I then spent hours calling FIFA, MediaKind, HBS, CISA, and the FBI trying to get someone to pick up the phone.
·bobdahacker.com·
I Could've Rickrolled the Entire FIFA World Cup. All I Needed Was My ID.
The Fable 5 Export Controls Harm US Cyber Defense
The Fable 5 Export Controls Harm US Cyber Defense
Restricting Fable and Mythos has the same unintended consequence of harming defense while doing nothing to impede attackers. We can't export control our way to cyber resilience.
·lutasecurity.com·
The Fable 5 Export Controls Harm US Cyber Defense
Hacking Google with A.I. for $500,000
Hacking Google with A.I. for $500,000
What happens when you unleash an AI across all of Google's infrastructure? 1,500 APIs, 3,600 keys, and $500,000 in bounties later, here's what I found.
·brutecat.com·
Hacking Google with A.I. for $500,000
Who Runs the Ransomware Group ‘The Gentlemen?’
Who Runs the Ransomware Group ‘The Gentlemen?’
A cybercrime group known as The Gentlemen has emerged as the second most active ransomware gang by victim count, rapidly attracting a talented pool of hackers through an aggressive recruitment strategy that promises affiliates 90 percent of any ransom paid…
·krebsonsecurity.com·
Who Runs the Ransomware Group ‘The Gentlemen?’
StyloBot - Self-Hosted Bot Detection | Open Source | $100/mo
StyloBot - Self-Hosted Bot Detection | Open Source | $100/mo
Bot detection that runs in your infrastructure. 31 detectors, sub-millisecond, zero PII. Open source core, commercial dashboard. 10x cheaper than DataDome or Cloudflare.
·stylobot.net·
StyloBot - Self-Hosted Bot Detection | Open Source | $100/mo
Someone used my open source project to phish 14,000 people
Someone used my open source project to phish 14,000 people
A botnet abused the hosted version of my open source project to phish 14,000 strangers. What I found, what I cleaned up, and what it taught me about running cloud on behalf of people I’ve never met.
·andrej.sh·
Someone used my open source project to phish 14,000 people
Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
Deep technical analysis of MicrosoftSystem64, an 81 MB Node.js SEA binary deployed via malicious npm packages. This RAT steals browser credentials, 80+ crypto wallet extensions, Telegram sessions, SSH keys, and screenshots, exfiltrating everything to HuggingFace datasets while maintaining persistence across Windows, macOS, and Linux.
·safedep.io·
Inside MicrosoftSystem64: A Supply Chain RAT Exfiltrating to HuggingFace
How to Call an API from an Email
How to Call an API from an Email
Emails can’t run JavaScript, but by selling your soul to the CSS devil you can get pretty close.
·redo.com·
How to Call an API from an Email
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence | Microsoft Security Blog
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence | Microsoft Security Blog
A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence server for credential theft and identity compromise. Learn how the threat actor attempted Kerberos relay and lateral movement, and how Microsoft Defender detected, blocked, and unraveled the attack.
·microsoft.com·
From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence | Microsoft Security Blog
The AI botnets cannot be stopped
The AI botnets cannot be stopped
I am constantly getting scrape attempts for avatar-image-JPEG URLs that have not existed on my blog since a restructuring in 2022. They come in bursts of about a 100 per minute, each from a different IP address, and in random order. I thought: enough is enough, I need to figure out what clown service these are coming from and start blocking whole networks. Nope, they're almost all from cable ...
·jwz.org·
The AI botnets cannot be stopped
After Mythos: Identity Has to Anchor in Hardware
After Mythos: Identity Has to Anchor in Hardware
AI-accelerated vulnerability discovery is compressing the patch window. Hardware-bound identity and short-lived certificates are how trust holds up.
·smallstep.com·
After Mythos: Identity Has to Anchor in Hardware
Hacked Video File Holds Multiple Films On YouTube
Hacked Video File Holds Multiple Films On YouTube
We notice there are a lot of hacks on YouTube lately, but we don’t share enough hacks about YouTube. That’s why [PortalRunner]’s latest oeuvre is interesting: it’s a video t…
·hackaday.com·
Hacked Video File Holds Multiple Films On YouTube
taken.
taken.
A web page that tells you what your browser gave away the moment you arrived. No login, no form, no permission. Most pages do this. None of them tell you.
·sinceyouarrived.world·
taken.
Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane. — That Privacy Guy!
Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane. — That Privacy Guy!
Google Chrome is downloading a 4 GB Gemini Nano model onto users' machines without consent, with no opt-in, no opt-out short of enterprise tooling, and an automatic re-download every time the user deletes it. The pattern is identical to the Anthropic Claude Desktop case I wrote about last month, but the scale is between two and three orders of magnitude larger. This article does the legal analysis and, for the first time, the environmental analysis. The numbers are not small.
·thatprivacyguy.com·
Google Chrome silently installs a 4 GB AI model on your device without consent. At a billion-device scale the climate costs are insane. — That Privacy Guy!
The Mother of All AI Supply Chains: Technical Deep Dive | OX Security
The Mother of All AI Supply Chains: Technical Deep Dive | OX Security
No Input Sanitization, No Warning: The MCP Vulnerability Behind 30+ Disclosures This post is part of OX Security's The Mother of All AI Supply Chains research — a comprehensive investigation into one systemic vulnerability at the heart of the MCP ecosystem, covering 30+ disclosures and 10+ CVEs. Download the full eBook for the complete findings Explore the full advisory Read…
·ox.security·
The Mother of All AI Supply Chains: Technical Deep Dive | OX Security