Episode Details
Back to Episodes
News of the Month | Episode 19
Description
Register for FREE Infosec Webcasts, Anti-casts & Summits –
https://poweredbybhis.com
AI News of the Month | Episode 19
In Episode 19,Brianand Derek cover a zero-click indirect prompt injection attack against ChatGPT connectors and seemingly innocent Google Calendar events that hijack smart homes via Gemini, with possible consequences for the power grid.
They'll discuss the impact of Microsoft patching a critical Azure OpenAI SSRF vulnerability and go over new NIST AI security standards, IBM’s study on shadow AI and breach costs, OpenAI’s response to chat indexing leaks, and a malicious VS Code extension that stole $500K in cryptocurrency.
#AI #CyberSecurity #PromptInjection #Malware #InfoSec #AIThreats #Hacking #GenerativeAI #Deepfakes #LLM #ShadowAI
- “Poisoned doc” exfiltrates data via ChatGPT Connectors (AgentFlayer) — Aug 6, 2025
- Poisoned Google Calendar invite hijacks Gemini to control a smart home — Aug 6–10, 2025
- Microsoft August Patch Tuesday adds AI-surface fixes; critical Azure OpenAI vuln (CVE-2025-53767) — Aug 12–13, 2025
- Release coverage: https://www.techradar.com/pro/security/microsofts-latest-major-patch-fixes-a-serious-zero-day-flaw-and-a-host-of-other-issues-so-update-now
- CVE entry: https://nvd.nist.gov/vuln/detail/CVE-2025-53767 (NVD)
- Overview: https://www.tenable.com/blog/microsofts-august-2025-patch-tuesday-addresses-107-cves-cve-2025-53779 (Tenable®)
- NIST proposes SP 800-53 “Control Overlays for Securing AI Systems” — Aug 14, 2025
- IBM 2025 “Cost of a Data Breach”: AI is both breach vector and defender — Jul 30, 2025
- Press release: https://newsroom.ibm.com/2025-07-30-ibm-report-13-of-organizations-reported-breaches-of-ai-models-or-applications%2C-97-of-which-reported-lacking-proper-ai-access-controls
- Report: https://www.ibm.com/reports/data-breach
- Analysis:
Listen Now
Love PodBriefly?
If you like Podbriefly.com, please consider donating to support the ongoing development.
Support Us