vulnerability Archives - Page 3 of 11

ChatGPT browsing window with a blurred results pane, a visible MFA prompt, and a warning about “q=” links and allowlisted redirects

ChatGPT Data Leaks: Seven New Prompt Injection Paths and Real

yohanmanuja7 days ago7 days ago06 mins

Seven fresh techniques let attackers leak ChatGPT data through everyday workflows: poisoned search, “q=” one-click links, allowlisted ad redirects, conversation injection, markdown hiding, and memory poisoning. Because exposure rides on normal browsing and memory behavior, prevention requires policy plus proof: sanitize URLs, block bing.com/ck/a, disable Saved Memory for high-risk roles, and validate controls continuously with OWASP LLM Top 10 and MITRE ATLAS as your benchmarks.

Iran-aligned phishing campaign targeting US policy experts via prefilled Microsoft 365 portals and RMM persistence

Iran-Linked Phishing Hits US Policy Experts with M365 and RMM

yohanmanuja7 days ago7 days ago14 mins

Iran-aligned operators ran a precise phishing campaign against US policy experts. They impersonated scholars, redirected victims to prefilled Microsoft 365 pages, and, when blocked, installed remote-access tools. The goal: long-term visibility into policy drafts, research, and contacts—achieved through identity abuse, inbox rules, and pragmatic persistence.

Login screen for a video management system showing strong password rules and MFA prompt, with blurred camera tiles in the background

Louvre Password Heist: Weak Credentials, Wide Open Risk

yohanmanuja7 days ago7 days ago05 mins

A trivial surveillance password created an opening at one of the world’s most prominent institutions. Intruders gained awareness and timed their move because credential policy failed. This analysis delivers the signals, mitigations, and governance disciplines that stop repeats: rotation, MFA, segmentation, PAM for service accounts, and continuous validation for VMS and NVR stacks—without resorting to list spam or generic advice.

TruffleNet attack flow from stolen AWS keys to Amazon SES abuse and BEC

TruffleNet: Stolen AWS Keys, SES Abuse, BEC Defense

yohanmanuja1 week ago1 week ago05 mins

TruffleNet validates stolen AWS keys, profiles accounts, and abuses Amazon SES to run high-leverage BEC. Therefore, clamp down on access keys, isolate SES to a low-trust account, and alert on first-seen identity actions. Consequently, you deny validation, break pivots, and stop invoice fraud before it lands.

SIM farm racks with dozens of active SIM boxes overlayed with a warning about SMS OTP risk and carrier detection gaps

Monitor for OTP burst patterns and SIM rotation fingerprints in logs

yohanmanuja1 week ago1 week ago14 mins

SIM farms expose how weak KYC and SMS OTP let fraud scale. Raids seized SIM boxes and tens of thousands of cards. Here’s how carriers and brands can actually fix it.

Windows bind filter abuse blinds Microsoft Defender EDR telemetry using EDR-Redir V2

EDR-Redir V2 Blinds Microsoft Defender on Windows 11

yohanmanuja1 week ago1 week ago04 mins

EDR-Redir V2 blinds Microsoft Defender by abusing Windows file-system filter drivers with bind links that redirect or corrupt EDR working paths. This practitioner’s guide explains the method, highlights reliable artifacts, and lists resilient mitigations so teams can validate exposure, restore telemetry, and protect Windows 11 fleets without breaking production.

Luxury Brand Impersonation Wave: 1,330 Domains

yohanmanuja2 weeks ago2 weeks ago05 mins

Researchers tracked 1,330 suspicious domains impersonating 23 luxury brands ahead of peak shopping. Prepare for activation waves with monitoring, takedowns, and buyer guidance.

Malicious AI agent smuggling instructions through a live session to hijack a trusted peer’s tools

Agent Session Smuggling: Hijacking AI-to-AI Workflows

yohanmanuja2 weeks ago2 weeks ago35 mins

Agent session smuggling lets a hostile AI agent exploit a live multi-agent conversation, inherit tool authority, and trigger real actions. With scoped credentials, signed steps, and guarded workflows, teams can keep speed without losing control.

Linux kernel use-after-free exploitation chain with rapid patching, reduced local attack surface, and SIEM detections

Linux Kernel UAF Attacks: Admin Playbook to Reduce Exposure

yohanmanuja2 weeks ago2 weeks ago35 mins

Attackers actively exploit a Linux kernel use-after-free. Patch quickly, reduce local attack surface, and verify coverage with high-signal detections and a weekly baseline review.

Diagram of BADCANDY re-infection on Cisco IOS XE from exposed web UI with patch and exposure controls

Critical Risk: BADCANDY Re-Infection on Unpatched IOS XE

yohanmanuja2 weeks ago2 weeks ago06 mins

BADCANDY continues to compromise exposed Cisco IOS XE devices via CVE-2023-20198. Close the web UI exposure, patch now, rotate credentials, and verify eradication.

GootLoader’s comeback: hidden filenames, ZIP-JS payloads

npm typosquat targets GitHub Actions to steal tokens and artifacts

Rhadamanthys disruption derails credential-theft campaigns

Windows admins: prioritize November zero-day and RCE

Russia Adds 24-Hour SIM Cooling-Off After Roaming

Zoom for Enterprise: close DLL path attacks, move to 6.3.10 today

Tag: vulnerability

ChatGPT Data Leaks: Seven New Prompt Injection Paths and Real

Iran-Linked Phishing Hits US Policy Experts with M365 and RMM

Louvre Password Heist: Weak Credentials, Wide Open Risk

TruffleNet: Stolen AWS Keys, SES Abuse, BEC Defense

Monitor for OTP burst patterns and SIM rotation fingerprints in logs

EDR-Redir V2 Blinds Microsoft Defender on Windows 11

Luxury Brand Impersonation Wave: 1,330 Domains

Agent Session Smuggling: Hijacking AI-to-AI Workflows

Linux Kernel UAF Attacks: Admin Playbook to Reduce Exposure

Critical Risk: BADCANDY Re-Infection on Unpatched IOS XE