TheRegister
Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE
Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's machine, and run arbitrary code.…
Talk to the bot: Salesforce AI agents could replace US govt employees
American citizens seeking help from the federal government may soon find themselves being assisted by an AI agent, if Salesforce's new public sector offering is a success.…
IETF Draft suggests making IPv6 standard on DNS resolvers - partly to destroy IPv4
A pair of networking researchers have proposed that the Internet Engineering Task Force define support for IPv6 as a best practice for operators of DNS resolvers – the servers that translate URLs into IP addresses – and one of them hopes adoption of the idea will accelerate the demise of IPv4.…
Perplexity's Comet browser naively processed pages with evil instructions
To the surprise of no one in the security industry, processing untrusted, unvalidated input is a bad idea.…
Opinionated Arch derivative CachyOS overtakes Mint and MX on DistroWatch
CachyOS bills itself as a Blazingly Fast & Customizable Linux distribution and that seems to be winning it friends. In the last month, it's the number one distro on the popularity chart on the widely-used DistroWatch comparison site.…
FBI: Russian spies exploiting a 7-year-old Cisco bug to slurp configs from critical infrastructure
The FBI and security researchers today warned that Russian government spies exploited a seven-year-old bug in end-of-life Cisco networking devices to snoop around in American critical infrastructure networks and collect information on industrial systems.…