🚀 ENS Developer Targeted in Phishing Attack Exploiting Google Infrastructure
#ENS #phishingattack #Google #cybersecurity #SlowMist #passkeys #emailsecurity #infosec #vulnerability
According to BlockBeats, SlowMist founder Yu Jian revealed on social media that the ENS chief developer was recently targeted in a phishing attack exploiting a vulnerability within Google's infrastructure. The phishing group deceived users by sending emails disguised as official Google communications, tricking them into believing they were under law enforcement scrutiny. Despite Google's efforts to counteract these attacks, the group launched a new wave of phishing attempts, continuing to lure users to subdomains under "google.com" to extract account passwords and immediately add Passkeys.
Previously, on April 16, ENS chief developer nick.eth reported a highly sophisticated phishing attack that leveraged a flaw in Google's infrastructure, which Google has refused to fix. He noted that the phishing emails appeared very authentic, passing DKIM signature verification and being displayed normally in Gmail, alongside other legitimate security warnings. The attackers exploited Google's "Sites" service to create a convincing "support portal" page, leading users to mistakenly trust the domain containing "google.com" as secure. Users are advised to remain vigilant.#ENS #phishingattack #Google #cybersecurity #SlowMist #passkeys #emailsecurity #infosec #vulnerability
🚀 Notion's AI Agents Face Prompt Injection Vulnerability
#Notion #AIAgents #PromptInjection #Vulnerability #Security #CyberSecurity #DataExfiltration #Steganography #PDFs #SocialEngineering #ManualReview #DataPrivacy #ThreatMitigation #SecurityBestPractices #InfoSec #Privacy #DataSecurity
According to BlockBeats, AI researcher Abi Raghuram has identified a prompt injection vulnerability in Notion's newly released AI Agents. This security risk allows attackers to embed hidden text, such as white font, in files like PDFs. When users process these files with the AI Agent, the hidden prompts may be executed, potentially leading to the transmission of sensitive information to external addresses.
Researchers highlight that such attacks often employ social engineering tactics, including impersonating authority, creating urgency, and providing false security assurances to increase their success rate. Experts advise users to exercise caution by avoiding the upload of PDFs or files from unknown sources to the AI Agent. It is also recommended to strictly limit the Agent's internet access and data export permissions, perform steganography removal or cleansing on suspicious files, and conduct manual reviews. Additionally, requiring the AI Agent to display a clear confirmation prompt before any external submission can help mitigate the risk of sensitive data leaks.#Notion #AIAgents #PromptInjection #Vulnerability #Security #CyberSecurity #DataExfiltration #Steganography #PDFs #SocialEngineering #ManualReview #DataPrivacy #ThreatMitigation #SecurityBestPractices #InfoSec #Privacy #DataSecurity
🚀 AI Tool OpenClaw Faces Security Incident Due to Command Injection
#AI #CyberSecurity #CommandInjection #OpenClaw #Web3 #DataBreach #SecurityIncident #Bash #GitHub #InfoSec
On March 5, Web3 security firm GoPlus reported a security incident involving the AI development tool OpenClaw. According to BlockBeats, the issue arose during the execution of automated tasks when the system incorrectly constructed a Bash command while creating a GitHub Issue, leading to a command injection that exposed numerous sensitive environment variables.
The incident involved AI-generated strings containing backticks around 'set', which Bash interpreted as command substitution and executed automatically. As a result, Bash outputted all current environment variables without parameters, leading to over 100 lines of sensitive information, including Telegram keys and authentication tokens, being directly published in a GitHub Issue.
GoPlus recommends using API calls instead of directly concatenating Shell commands in AI automation development or testing scenarios. They also advise adhering to the principle of least privilege to isolate environment variables, disabling high-risk execution modes, and incorporating manual review mechanisms in critical operations.#AI #CyberSecurity #CommandInjection #OpenClaw #Web3 #DataBreach #SecurityIncident #Bash #GitHub #InfoSec
🚀 CertiK Urges Enhanced Security Measures Following OpenClaw Report
#CyberSecurity #OpenSource #Vulnerability #CVE #GitHub #AccessControl #Sandboxing #LeastPrivilege #SoftwareSecurity #Infosec
CertiK has released a comprehensive security report on March 31, analyzing over 280 GitHub security advisories and more than 100 CVE vulnerabilities collected between November 2025 and March 2026. According to NS3.AI, the report highlights the need for developers and users to implement stricter access control, validate plugins, ensure sandbox isolation, and adopt least-privilege deployment strategies to enhance security measures.#CyberSecurity #OpenSource #Vulnerability #CVE #GitHub #AccessControl #Sandboxing #LeastPrivilege #SoftwareSecurity #Infosec