Tag: injection
-
Alerts: CISA Adds Two Known Exploited Vulnerabilities to Catalog
Source URL: https://www.cisa.gov/news-events/alerts/2025/02/20/cisa-adds-two-known-exploited-vulnerabilities-catalog Source: Alerts Title: CISA Adds Two Known Exploited Vulnerabilities to Catalog Feedly Summary: CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2025-23209 Craft CMS Code Injection Vulnerability CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability These types of vulnerabilities are frequent attack vectors for malicious…
-
Embrace The Red: ChatGPT Operator: Prompt Injection Exploits & Defenses
Source URL: https://embracethered.com/blog/posts/2025/chatgpt-operator-prompt-injection-exploits/ Source: Embrace The Red Title: ChatGPT Operator: Prompt Injection Exploits & Defenses Feedly Summary: ChatGPT Operator is a research preview agent from OpenAI that lets ChatGPT use a web browser. It uses vision and reasoning abilities to complete tasks like researching topics, booking travel, ordering groceries, or as this post will show,…
-
The Register: Critical PostgreSQL bug tied to zero-day attack on US Treasury
Source URL: https://www.theregister.com/2025/02/14/postgresql_bug_treasury/ Source: The Register Title: Critical PostgreSQL bug tied to zero-day attack on US Treasury Feedly Summary: High-complexity bug unearthed by infoseccers, as Rapid7 probes exploit further A high-severity SQL injection bug in the PostgreSQL interactive tool was exploited alongside the zero-day used to break into the US Treasury in December, researchers say.……
-
Microsoft Security Blog: Securing DeepSeek and other AI systems with Microsoft Security
Source URL: https://www.microsoft.com/en-us/security/blog/2025/02/13/securing-deepseek-and-other-ai-systems-with-microsoft-security/ Source: Microsoft Security Blog Title: Securing DeepSeek and other AI systems with Microsoft Security Feedly Summary: Microsoft Security provides cyberthreat protection, posture management, data security, compliance and governance, and AI safety, to secure AI applications that you build and use. These capabilities can also be used to secure and govern AI apps…
-
Hacker News: Syd: An Introduction to Secure Application Sandboxing for Linux [video]
Source URL: https://fosdem.org/2025/schedule/event/fosdem-2025-4176-syd-an-introduction-to-secure-application-sandboxing-for-linux/ Source: Hacker News Title: Syd: An Introduction to Secure Application Sandboxing for Linux Feedly Summary: Comments AI Summary and Description: Yes Summary: The text introduces Syd, a GPL-3 licensed application kernel for Linux, designed for securing applications through advanced sandboxing techniques. Its modern architecture and features address critical vulnerabilities and enhance security…
-
Slashdot: New Hack Uses Prompt Injection To Corrupt Gemini’s Long-Term Memory
Source URL: https://it.slashdot.org/story/25/02/12/0011205/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory?utm_source=rss1.0mainlinkanon&utm_medium=feed Source: Slashdot Title: New Hack Uses Prompt Injection To Corrupt Gemini’s Long-Term Memory Feedly Summary: AI Summary and Description: Yes Summary: The text discusses a newly demonstrated attack by researcher Johann Rehberger that compromises Google’s Gemini chatbot by manipulating its long-term memory functionality through untrusted document summarization. The attack bypasses existing prompt…