360SOFTY

Insights

Engineering Insights

Practical writing on software architecture, SaaS products, AI automation, legacy modernisation, and the business of building reliable systems.

RSS

Curated links from external sources — not 360Softy original articles.

External
The Hacker News

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people's Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext. A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums he

The Hacker NewsRead original
ExternalCybersecurity
SecurityWeek

F5 Patches Multiple NGINX, BIG-IP Vulnerabilities

Attackers could exploit the bugs to modify configurations, terminate or restart processes, cross security boundaries, leak memory, and execute code. The post F5 Patches Multiple NGINX, BIG-IP Vulnerabilities appeared first on SecurityWeek.

Vulnerabilities
SecurityWeekRead original
ExternalBackend Development
FastAPI Releases

0.139.1

Fixes 🐛 Fix frontend fallback support for doted paths like /users/john.doe. PR #16011 by @tiangolo. Docs 📝 Fix topic repository list not being displayed and skip_users not being applied. PR #15995 by @YuriiMotov. Translations 🌐 Update translations for tr (update-outdated). PR #16005 by @tiangolo. 🌐 Update translations for zh-hant (update-outdated). PR #15996 by @tiangolo. 🌐 Update translations for fr (update-outdated). PR #16006 by @tiangolo. 🌐 Update translations for de (update-outdated).

FastAPI ReleasesRead original
External
The Hacker News

OpenAI’s GPT-Red Automates Prompt Injection Testing to Harden GPT-5.6 Sol

OpenAI has disclosed details of GPT-Red, an internal automated red-teaming model that scales prompt injection vulnerability discovery with an aim to fix issues before the tools are deployed widely. "GPT‑Red is a strong red-teamer, and our previous models are highly vulnerable to its prompt injection attacks," the artificial intelligence (AI) company said. "We use GPT‑Red to adversarially train

The Hacker NewsRead original
ExternalCybersecurity
SecurityWeek

Old UEFI Shims Expose Systems to Secure Boot Bypass

Signed by Microsoft, the vulnerable UEFI shim bootloaders could be abused on any system, regardless of the OS. The post Old UEFI Shims Expose Systems to Secure Boot Bypass appeared first on SecurityWeek.

Endpoint Securitybypasssecure boot
SecurityWeekRead original

Work with 360Softy

Building a SaaS product, AI system, or business platform?

Book a free consultation and we will tell you honestly whether we can help.