DawnSift
Subscribe

Security

Last 7 days · 86 items

2026-07-19 Sun

Tried prompt injection on a bot that was trying to romance scam me. Worked immediately. Instead of switching platforms I just asked it what its actual task was. It dropped the persona instantly. These things are everywhere now. How long until they're indistinguishable?

2026-07-18 Sat

Capital One 开源 VulnHunter:基于 Agentic AI 的代码安全工具,利用 LLM 进行漏洞发现和验证。

评论区对VulnHunter工具的价值存在分歧,有人认为它只是常见安全扫描的包装,缺乏创新,但也有人认为其方法论和结合LLM的验证思路有实际意义。

OpenAI trained GPT-Red, an internal-only attacker model, using self-play reinforcement learning against a population of defender LLMs. It beat human red-teamers 84% to 13% on a replicated indirect prompt injection arena, found a novel "Fake Chain-of-Thought" attack class, and cut GPT-5.6 Sol's failures 6x on OpenAI's hardest direct injection benchmark. OpenAI concedes it still struggles with multi-turn and image-based attacks. The post OpenAI Details GPT-Red: An Internal Automated Red-Teaming Mo

I receive an AWS Budgets alert that my budget is exceeding the alert threshold. Threshold is 5$. Forecasted amount is listed as $3,005,575,870.47. (Yepp, right, that’s 3 billion dollars.) I haven't even used AWS actively in the last year, but AWS console lists the amount as stated above. No feedback from AWS support yet, but the support AI chat bot says: "Die perfekt gleichmäßigen Tageskosten seit dem 1. Juli deuten stark auf einen Abrechnungs- oder Messfehler hin." ("The perfectly consistent da

Apple filed a trade secrets lawsuit against OpenAI last Friday, and it’s not messing around. The complaint alleges a pattern of misconduct reaching all the way up to OpenAI’s chief hardware officer and claims more than 400 former Apple employees now work at the company. OpenAI’s response so far has been carefully hedged, and the timing couldn’t be worse with the company reportedly eyeing an IPO […]

Apple is suing OpenAI. The complaint is readable and intense, as these things often are, though many experts seem to think many of the allegations are just the ways things are done. So what does Apple really want here, and why is it picking such a public fight with OpenAI? On this episode of The […]

Federal authorities have arrested a Florida man suspected of stealing at least $220,000 in crypto through malware-infected Steam games, as reported earlier by local news outlet Local10. In the complaint, officials accuse 21-year-old Zyaire Wilkins and co-conspirators of launching eight malware-embedded games from around May 2024 to February 2026, allowing them to infect about 8,000 […]

2026-07-17 Fri

On file deletions. We’ve investigated a handful of reports where GPT-5.6 unexpectedly deleted files. What we have found is that this most commonly occurs when: Full access mode is enabled and codex is run without sandboxing protections, including without auto review being enabled The model attempts to override the $HOME env var to define a temporary directory. The model makes an honest mistake and mistakenly deletes $HOME instead. — Thibault Sottiaux , describing a pretty gnarly Codex bug Tags:

Image guardrails are typically trained and evaluated under a fixed safety policy, implicitly treating safety as an intrinsic property of an image. Real deployments are different: the same image may be allowed in one product, restricted in another, and newly disallowed when a policy boundary changes. We study policy-adaptive image guardrailing, where a model must decide whether an image violates the currently supplied policy and generalize to held-out policy definitions. We introduce PolicyShiftB

2026-07-16 Thu

If you use tailscale ssh, you rely on ACLs, and anyone else in your tailnet you should update as soon as possible. Even if you're alone in your tailscale don't write off the possibility of chained vulnerabilities. Generally, when it comes to something as important as ssh, consider using openssh instead.

OpenAI has built an LLM super-hacker called GPT-Red that it uses as a sparring partner to help its other models boost their defenses against cyberattacks. Last week the company released the latest version of its flagship LLM, GPT-5.6. OpenAI says that training it against GPT-Red made the model its most robust release yet. GPT-Red automates…

Hi HN :) really excited to share this with you. The one thing AI reliably does is generate noise. Half the tools I see launch are just machines for producing more noise across more channels. And people are starting to see this in the form of emails in their inboxes as spam filters are struggling. There used to be a useful signal in email: the effort a sender put into customizing a message was a rough proxy for how relevant it actually was. AI killed that. Now it's customized slop with the appear

安全研究员演示利用 Claude 记忆功能窃取用户全名、雇主和安全问题答案,批评 Anthropic 未奖励漏洞发现,社区建议关闭记忆功能或使用假名。

评论区普遍认为Claude的记忆功能存在安全隐患,批评Anthropic未奖励漏洞发现者,但也有人认为可通过关闭记忆或使用假名规避风险。

The Elon Musk-owned xAI is suing a South Carolina man who allegedly used the company's Grok AI chatbot to generate child sexual abuse material (CSAM). In a lawsuit reported earlier by Reuters, xAI claims Terry Wayne Harwood "knowingly and intentionally used Grok to circumvent safeguards, alter nonconsensual images, and generate and distribute CSAM," breaching the […]

Back in March, we released an initial version of an OpenID Connect Provider. Now, with v5.1.0, this OIDC provider is certified for Basic OP thanks to our amazing contributors and to the OpenID Foundation team for allowing us to certify at no cost. This release also includes a couple of new features like Kubernetes annotation based access controls (just got into k3s so...), deny-by-default access controls, a stable config file (turns out having a simple configuration file as an alternative to CLI

2026-07-15 Wed

Today I had an eye opening security scare with my homelab. I was making some dinner and went to browse reddit while I waited for my food to cook, the page wouldn't load, and my first thought was maybe my dns was down (I use pihole with unbound recursive dns). I checked my pihole dashboard, and it was operational, no issues there. I did notice that there were a few STUN requests from my ugreen nas, which I thought were unusual, having a loose understanding of what STUN is from reading the tailsca

2026-07-14 Tue

arXiv:2607.09076v1 Announce Type: new Abstract: Cyberattacks on operational technology are increasingly causing costly downtime and physical damage, exposing the limitations of traditional rule-based monitoring in industrial IoT environments. While Large Language Models (LLMs) have strong semantic reasoning abilities to assist in decision support, their hallucinatory nature presents unacceptable safety liabilities for closed-loop control. This paper introduces a neuro-agentic control framework,

2026-07-13 Mon

Hey everyone I just wanted to share this because we are pretty proud of this milestone. Since v2.10.0 Pocket ID is now OpenID Connect Certified™ which means that we pass all tests of the OpenID Connect test suite. Additionally we've introduced the support for OAuth 2.0 APIs and permissions (or in more technical terms "resource servers" and "scopes"). This is very useful if you are building your own application and you want to delegate authorization and authentication completely to Pocket ID. Our

Global tech, distilled into 3 minutes a day

Get the free daily digest by email. Sign up to bookmark and personalize your feed.

13 issues shipped · 150+ items sifted to 30 worth reading, every day

Global tech, distilled into 3 minutes a day