Ongoing STARK#MULE Attack Campaign Discovered
The campaign appears directed at Korean-speaking victims, indicating an origin in North Korea Read More
USN-6265-1: RabbitMQ vulnerability
It was discovered that RabbitMQ incorrectly handled certain signed-in user credentials. An attacker could possibly use this issue to expose sensitive information. Read More
CVE-2021-31681
Deserialization of Untrusted Data vulnerability in yolo 3 allows attackers to execute arbitrary code via crafted yaml file. Read More
CVE-2021-31680
Deserialization of Untrusted Data vulnerability in yolo 5 allows attackers to execute arbitrary code via crafted yaml file. Read More
CVE-2021-31651
Cross Site Scripting (XSS) vulnerability in neofarg-cms 0.2.3 allows remoate attacker to run arbitrary code via the copyright field in copyright settings. Read More
CVE-2020-21881
Cross Site Request Forgery (CSRF) vulnerability in admin.php in DuxCMS 2.1 allows remote attackers to modtify application data via article/admin/content/add. Read More
CVE-2020-21662
SQL injection vulnerability in yunyecms 2.0.2 allows remote attackers to run arbitrary SQL commands via XFF. Read More
USN-6264-1: WebKitGTK vulnerabilities
Several security issues were discovered in the WebKitGTK Web and JavaScript engines. If a user were tricked into viewing a malicious website, a remote attacker...
Automatically Finding Prompt Injection Attacks
Researchers have just published a paper showing how to automate the discovery of prompt injection attacks. They look something like this: Write a tutorial on...
Global Lawyers Unveil Cyber Best Practices for Execs
International Bar Association offers practical policy recommendations Read More