Tag: injection
-
Edimax Camera RCE Vulnerability Exploited to Spread Mirai Malware
by
in SecurityNews
Tags: botnet, cctv, cve, cyber, exploit, injection, intelligence, Internet, iot, malware, rce, remote-code-execution, vulnerabilityA recent alert from the Akamai Security Intelligence and Response Team (SIRT) has highlighted the exploitation of a severe command injection vulnerability in Edimax Internet of Things (IoT) devices. This vulnerability, designated as CVE-2025-1316, has been actively used by multiple botnets to spread Mirai malware. Mirai is notorious for compromising IoT devices and orchestrating distributed…
-
Pre-authentication SQL Injection to RCE in GLPI (CVE-2025-24799 / CVE-2025-24801)
by
in SecurityNewsSummary A significant vulnerability has been identified in GLPI, a popular open-source IT asset management tool. This vulnerability, tracked as CVE-2025-24799 and CVE-2025-24801, allows an First seen on research.kudelskisecurity.com Jump to article: research.kudelskisecurity.com/2025/03/14/pre-authentication-sql-injection-to-rce-in-glpi-cve-2025-24799-cve-2025-24801/
-
Generative AI red teaming: Tips and techniques for putting LLMs to the test
by
in SecurityNewsDefining objectives and scopeAssembling a teamThreat modelingAddressing the entire application stackDebriefing, post-engagement analysis, and continuous improvementGenerative AI red teaming complements traditional red teaming by focusing on the nuanced and complex aspects of AI-driven systems including accounting for new testing dimensions such as AI-specific threat modeling, model reconnaissance, prompt injection, guardrail bypass, and more. AI red-teaming…
-
Attackers Can Manipulate AI Memory to Spread Lies
Tested on Three OpenAI Models, ‘Minja’ Has High Injection and Attack Rates. A memory injection attack dubbed Minja turns AI chatbots into unwitting agents of misinformation, requiring no hacking and just a little clever prompting. The exploit allows attackers to poison an AI model’s memory with deceptive information, potentially altering its responses for all users.…
-
New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?
by
in SecurityNewsThe Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers, Cato CTRL researchers warn. Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. The CVE-2023-1389 flaw is an unauthenticated command injection…
-
Code Injection Attacks
by
in SecurityNewsInjection vulnerabilities remain among the most critical and Injection vulnerabilities remain among the most critical and commonly exploited security risks in modern applications. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/03/code-injection-attacks/
-
Android Zygote Injection Flaw Lets Attackers Execute Code Gain Elevated Privileges
by
in SecurityNewsA significant vulnerability in the Android operating system, identified as CVE-2024-31317, has been discovered, allowing attackers to exploit the Zygote process for system-wide code execution and privilege escalation. This flaw affects devices running Android 11 or older, highlighting a critical security risk in the Android ecosystem. Background and Vulnerability Details The Zygote process is a…
-
Unpatched Edimax IP camera flaw actively exploited in botnet attacks
by
in SecurityNewsA critical command injection vulnerability impacting the Edimax IC-7100 IP camera is currently being exploited by botnet malware to compromise devices. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/unpatched-edimax-ip-camera-flaw-actively-exploited-in-botnet-attacks/
-
PoC Released for HPE Remote Support Tool Vulnerability Allowing Remote Code Execution
by
in SecurityNewsSecurity researchers have released proof-of-concept (PoC) exploit code for critical vulnerabilities in Hewlett Packard Enterprise’s (HPE) Insight Remote Support (IRS) tool, including an unauthenticated XML External Entity (XXE) injection flaw (CVE-2024-53675) and a path traversal-based remote code execution (RCE) vulnerability (CVE-2024-53676). These flaws affect IRS versions prior to v7.14.0.629 and expose systems to arbitrary file disclosure and full SYSTEM-level…
-
Cisco, Hitachi, Microsoft, and Progress Flaws Actively Exploited”, CISA Sounds Alarm
by
in SecurityNews
Tags: cisa, cisco, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, software, vulnerability, windowsThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added five security flaws impacting software from Cisco, Hitachi Vantara, Microsoft Windows, and Progress WhatsUp Gold to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2023-20118 (CVSS score: 6.5) – A command injection First seen…
-
CISA Alerts on Active Exploitation of Cisco Small Business Router Flaw
by
in SecurityNews
Tags: business, cisa, cisco, cyber, cybersecurity, exploit, flaw, infrastructure, injection, router, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent warning on March 3, 2025, about actively exploiting a critical command injection vulnerability (CVE-2023-20118) affecting end-of-life Cisco Small Business RV Series Routers. The flaw, which carries a CVSSv3.1 score of 6.5, enables authenticated attackers to execute arbitrary commands with root privileges, potentially compromising entire…
-
Commix: Open-source OS command injection exploitation tool
by
in SecurityNewsCommix is an open-source penetration testing tool designed to automate the detection and exploitation of command injection vulnerabilities, streamlining security assessments … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/03/03/commix-open-source-os-command-injection-exploitation-tool/
-
Cisco fixed command injection and DoS flaws in Nexus switches
by
in SecurityNewsCisco addressed command injection and denial-of-service (DoS) vulnerabilities in some models of its Nexus switches. Cisco released security updates to address command injection and DoS vulnerabilities in Nexus switches, including a high-severity flaw. The most severe issue, tracked as CVE-2025-20111 (CVSS Score of 7.4), resides in the health monitoring diagnostics of Cisco Nexus 3000 Series…
-
Millions of WordPress Websites Vulnerable to Script Injection Due to Plugin Flaw
by
in SecurityNewsA critical security vulnerability in theEssential Addons for Elementorplugin, installed on over 2 million WordPress websites, has exposed sites to script injection attacks via malicious URL parameters. The flaw, tracked as CVE-2025-24752 and scoring 7.1 (High) on the CVSS scale, allowed attackers to execute reflected cross-site scripting (XSS) attacks by exploiting insufficient input sanitization in the plugin’s password reset…
-
DeepSeek Lure Using CAPTCHAs To Spread Malware
by
in SecurityNews
Tags: ai, attack, botnet, breach, captcha, cloud, control, credentials, crypto, cybercrime, data, detection, exploit, infrastructure, injection, international, login, malicious, malware, network, open-source, powershell, privacy, scam, service, technology, theft, threat, tool, windowsIntroductionThe rapid rise of generative AI tools has created opportunities and challenges for cybercriminals. In an instant, industries are being reshaped while new attack surfaces are being exposed. DeepSeek AI chatbot that launched on January 20, 2025, quickly gained international attention, making it a prime target for abuse. Leveraging a tactic known as brand impersonation,…
-
Exim Mail Transfer Vulnerability Allows Attackers to Inject Malicious SQL
by
in SecurityNewsA newly disclosed vulnerability in the Exim mail transfer agent (CVE-2025-26794) has sent shockwaves through the cybersecurity community, revealing a critical SQL injection flaw that enables attackers to compromise email systems and manipulate underlying databases. The vulnerability, confirmed in Exim Version 4.98 installations using SQLite for hints databases, represents one of the most severe email…
-
PoC Exploit Released for F5 BIG-IP Command Injection Vulnerability
by
in SecurityNewsSecurity researchers have disclosed critical details about CVE-2025-20029, a command injection vulnerability in F5’s BIG-IP Traffic Management Shell (TMSH) command-line interface. The flaw enables authenticated attackers with low privileges to bypass security restrictions, execute arbitrary commands, and gainroot-level accessto vulnerable systems. A proof-of-concept (PoC) exploit demonstrating remote code execution was released on February 24, 2025, raising…
-
CISA flags Craft CMS code injection flaw as exploited in attacks
by
in SecurityNewsThe U.S. Cybersecurity & Infrastructure Security Agency (CISA) warns that a Craft CMS remote code execution flaw is being exploited in attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-flags-craft-cms-code-injection-flaw-as-exploited-in-attacks/
-
New LLM Vulnerability Exposes AI Models Like ChatGPT to Exploitation
by
in SecurityNewsA significant vulnerability has been identified in large language models (LLMs) such as ChatGPT, raising concerns over their susceptibility to adversarial attacks. Researchers have highlighted how these models can be manipulated through techniques like prompt injection, which exploit their text-generation capabilities to produce harmful outputs or compromise sensitive information. Prompt Injection: A Growing Cybersecurity Challenge…
-
ChatGPT Operator Prompt Injection Exploit Leaks Private Data
by
in SecurityNewsAccording to recent findings by cybersecurity researcher Johann Rehberger, OpenAI’s ChatGPT Operator, an experimental agent designed to automate web-based tasks, faces critical security risks from prompt injection attacks that could expose users’ private data. In a demonstration shared exclusively with OpenAI last month, Rehberger showcased how malicious actors could hijack the AI agent to extract…
-
Experts discovered PostgreSQL flaw chained with BeyondTrust zeroday in targeted attacks
by
in SecurityNewsThreat actors are exploiting a zero-day SQL injection vulnerability in PostgreSQL, according to researchers from cybersecurity firm Rapid7. Rapid7 researchers discovered a high-severity SQL injection flaw, tracked as CVE-2025-1094, in PostgreSQL’s psql tool. The experts discovered the flaw while investigating the exploitation of the vulnerability CVE-2024-12356 for remote code execution. BeyondTrust patched CVE-2024-12356 in December…
-
Apache Fineract SQL Injection Vulnerability Allows Malicious Data Injection
by
in SecurityNewsThe Apache Software Foundation has disclosed a critical SQL injection vulnerability in its widely utilized financial platform, Apache Fineract. The flaw, tracked as CVE-2024-32838, affects multiple API endpoints and poses a significant risk to applications built on this platform. This vulnerability allows authenticated attackers to inject malicious SQL data, potentially compromising sensitive information and the overall…
-
What is anomaly detection? Behavior-based analysis for cyber threats
by
in SecurityNewsa priori the bad thing that you’re looking for,” Bruce Potter, CEO and founder of Turngate, tells CSO. “It’ll just show up because it doesn’t look like anything else or doesn’t look like it’s supposed to. People have been tilting at that windmill for a long time, since the 1980s, trying to figure out what…
-
PostgreSQL Vulnerability Exploited Alongside BeyondTrust Zero-Day in Targeted Attacks
by
in SecurityNewsThreat actors who were behind the exploitation of a zero-day vulnerability in BeyondTrust Privileged Remote Access (PRA) and Remote Support (RS) products in December 2024 likely also exploited a previously unknown SQL injection flaw in PostgreSQL, according to findings from Rapid7.The vulnerability, tracked as CVE-2025-1094 (CVSS score: 8.1), affects the PostgreSQL interactive tool psql.”An First…
-
U.S. CISA adds Microsoft Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog
by
in SecurityNews
Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, microsoft, vulnerability, windows, zyxelU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Windows, Zyxel device flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog: The vulnerability CVE-2024-40891 is a command injection issue in Zyxel CPE Series devices that remains unpatched and has not yet…
-
New hack uses prompt injection to corrupt Gemini’s long-term memory
by
in SecurityNewsThere’s yet another way to inject malicious prompts into chatbots. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/02/new-hack-uses-prompt-injection-to-corrupt-geminis-long-term-memory/