Amazon Q flaw let booby-trapped Git repos execute code, swipe cloud creds
12 hours ago
- #Cybersecurity Incidents
- #AI Regulation
- #Open Source Updates
- Google advocates for AI regulation that allows its current activities to continue.
- US auto regulators propose removing brake pedals from robotaxis to foster innovation.
- A flaw in Amazon Q allowed booby-trapped Git repos to execute code and steal cloud credentials.
- AI giants fund a non-profit to retrain workers displaced by AI advancements.
- OpenAI reports 97.9% of its employees are now using AI agents.
- Russian attackers pose as Signal support to launch phishing campaigns, with other security incidents noted.
- Microsoft's patches failed to fix on-prem SharePoint, leaving it vulnerable to zero-day attacks.
- DEF CON's Franklin project engages hackers to strengthen critical infrastructure security.
- EQT acquires a majority stake in cybersecurity firm Acronis at a $3.5B+ valuation.
- Mikko Hyppönen notes no end in sight for corporate ransomware a decade after its first appearance.
- Collabora releases CODE 26.04 with new features like Markdown support and integrated AI.
- GIMP 0.54 is revived in Flatpak form for retro-computing enthusiasts.
- Bcachefs exits experimental status with a 'performance release' focusing on more Rust and AI challenges.
- France's digital sovereignty efforts struggle against Microsoft's dominance in office software.
- The history of CentOS is explored, from a hobby project to an enterprise OS after community collaboration.
- A Netflix engineer open-sources an app, Project Headroom, to reduce AI-related costs.