Collecting Cyber-News from over 60 sources

Tag: injection

OpenAI unveils Lockdown Mode to protect sensitive data from prompt injection attacks

Jun 6, 2026 11:43 PM

Tags: attack, chatgpt, data, injection, openai, vulnerability

Even with Lockdown Mode, ChatGPT could be still vulnerable to prompt injections, but the goal is to reduce the likelihood that sensitive data gets shared in the process. First seen on techcrunch.com Jump to article: techcrunch.com/2026/06/06/openai-unveils-lockdown-mode-to-protect-sensitive-data-from-prompt-injection-attacks/
New ChatGPT Lockdown Mode Limits Tools That Could Enable Data Exfiltration

Jun 6, 2026 5:43 PM

Tags: chatgpt, data, injection, openai, risk, tool

OpenAI has begun rolling out a new Lockdown Mode to ChatGPT for eligible personal accounts to reduce the risk of data exfiltration arising from prompt injection attacks.The feature is primarily designed for people and organizations that handle sensitive data and require stricter protection guarantees. Lockdown Mode is available to logged-in users across Free, Go, Plus,…
Android Gemini prompt injection flaw patched by Google

Jun 6, 2026 5:42 AM

Tags: android, flaw, google, injection

First seen on scworld.com Jump to article: www.scworld.com/brief/android-gemini-prompt-injection-flaw-patched-by-google
Cisco warns zero-day flaw in SD-WAN is being exploited

Jun 5, 2026 6:42 PM

Tags: cisco, exploit, flaw, injection, zero-day

The company cautioned that no current patches are available and the flaw could allow an attacker to conduct command injection attacks. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/cisco-zero-day-flaw-sd-wan-exploited/822138/
Null-Byte umgeht Netzwerk-Allowlist in Claude Code – Sandbox-Bypass öffnet Claude Code für PromptAngriffe

Jun 4, 2026 4:42 PM

Tags: cyberattack, injection

First seen on security-insider.de Jump to article: www.security-insider.de/claude-code-sandbox-bypass-null-byte-prompt-injection-datenabfluss-a-f4dc130466f4aed616ca8b5d64613fc5/
Critical Apache ActiveMQ Vulnerability Exposes Systems to Security Header Injection Attacks

Jun 3, 2026 2:42 PM

Tags: apache, attack, cve, cyber, flaw, injection, software, vulnerability

Apache ActiveMQ users are being urged to apply immediate patches following the disclosure of a critical vulnerability, CVE-2026-42253, that enables HTTP response header injection via improperly handled JMS message properties. The flaw affects both Apache ActiveMQ and ActiveMQ Web components. It has been rated with “important” severity by the Apache Software Foundation. CVE-2026-42253: HTTP Response…
Malicious Notifications Could Trick Google Gemini Users

Jun 3, 2026 2:42 PM

Tags: flaw, google, injection, malicious, social-engineering

A prompt injection flaw in Google Gemini’s voice assistant let attackers hide malicious commands in notifications, enabling social engineering and more. First seen on darkreading.com Jump to article: www.darkreading.com/application-security/malicious-notifications-could-trick-google-gemini-users
38% of GitHub Actions Workflows Exposed to Script Injection Risks

Jun 3, 2026 1:42 PM

Tags: cyber, data-breach, github, injection, risk, software, vulnerability

Analysis has revealed that 38% of organizations are running GitHub Actions workflows vulnerable to script injection or unsafe trigger configurations, highlighting a growing risk in modern software supply chains. GitHub plays a central role in development pipelines by automating build, test, and deployment tasks through YAML-defined workflows and reusable actions. These workflows often run with…
38% of GitHub Actions Workflows Exposed to Script Injection Risks

Jun 3, 2026 1:42 PM

Tags: cyber, data-breach, github, injection, risk, software, vulnerability

Analysis has revealed that 38% of organizations are running GitHub Actions workflows vulnerable to script injection or unsafe trigger configurations, highlighting a growing risk in modern software supply chains. GitHub plays a central role in development pipelines by automating build, test, and deployment tasks through YAML-defined workflows and reusable actions. These workflows often run with…
38% of GitHub Actions Workflows Exposed to Script Injection Risks

Jun 3, 2026 1:42 PM

Tags: cyber, data-breach, github, injection, risk, software, vulnerability

Analysis has revealed that 38% of organizations are running GitHub Actions workflows vulnerable to script injection or unsafe trigger configurations, highlighting a growing risk in modern software supply chains. GitHub plays a central role in development pipelines by automating build, test, and deployment tasks through YAML-defined workflows and reusable actions. These workflows often run with…
Laravel CRLF Injection Flaw Could Disrupt Outbound Email Handling

Jun 3, 2026 9:42 AM

Tags: cve, cyber, data, email, flaw, framework, injection, mail, unauthorized, vulnerability

A high-severity vulnerability in the Laravel framework could allow attackers to manipulate outbound email processing, potentially leading to unauthorized message delivery, data exposure, or the abuse of mail relays. The issue, tracked as CVE-2026-48019, stems from improper neutralization of CRLF (Carriage Return Line Feed) sequences in Laravel’s default email validation logic. The vulnerability is documented…
Gartner sieht Angreifer bei vier Bedrohungen klar im Vorteil

Jun 3, 2026 8:42 AM

Tags: ai, cyberattack, deep-fake, gartner, injection, software, supply-chain

Deepfakes, kompromittierte KI-Anwendungen, Prompt Injection und Angriffe auf die Software-Lieferkette: Bei diesen vier Bedrohungen haben es Verteidiger nach Einschätzung von Gartner besonders schwer. Generative KI macht die Lage nicht einfacher, im Gegenteil. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gartner-vier-bedrohungen-k
Cybersicherheit: Vier kritische Bedrohungen erfordern dringenden Handlungsbedarf

Jun 3, 2026 8:42 AM

Tags: ai, cyberattack, cyersecurity, deep-fake, gartner, injection, software, vulnerability

Mehrschichtige Sicherheitsstrategien können helfen, Bedrohungen durch Prompt-Injection-Angriffe, Deepfakes und Kompromittierung von KI-Anwendungen und Software-Lieferketten abzuwehren. Gartner, ein Unternehmen für Wirtschafts- und Technologieanalysen, hat vier kritische und schwer vorhersehbare Bedrohungen identifiziert, bei denen Angreifer derzeit einen deutlichen Vorteil haben und Schwachstellen in Unternehmen besonders erfolgreich ausnutzen können. Dazu zählen Deepfakes, die Kompromittierung von KI-Anwendungen, Prompt-Injection-Angriffe… First…
Agent Threat Rules: Open detection rule format for AI agent security threats

Jun 3, 2026 7:42 AM

Tags: access, ai, detection, framework, injection, threat, tool

AI agents run inside coding assistants, MCP servers, and multi-agent frameworks, and the access that makes them useful also opens paths to prompt injection, tool poisoning, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/03/agent-threat-rules-ai-detection/
New ChatGPhish Technique Uses Prompt Injection to Manipulate ChatGPT Responses

Jun 1, 2026 10:42 AM

Tags: chatgpt, injection, phishing, social-engineering, vulnerability

Security researchers have unveiled ChatGPhish, a newly documented vulnerability concept that demonstrates how browser-based prompt injection can influence ChatGPT page summaries and potentially expose users to phishing, tracking, and social engineering attacks. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/chatgphish-prompt-injection-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
CISA orders feds to patch actively exploited Drupal vulnerability

May 26, 2026 12:00 PM

Tags: cisa, exploit, government, injection, sql, update, vulnerability

CISA has given U.S. government agencies until Wednesday evening to secure their servers against an SQL injection vulnerability in the Drupal content management system (CMS) that it flagged as actively exploited. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-orders-feds-to-patch-actively-exploited-drupal-vulnerability/
Ghost CMS Vulnerability Exploited to Infect 700 Sites With ClickFix Malware

May 26, 2026 12:00 PM

Tags: api, authentication, control, cyber, exploit, hacker, injection, malware, sql, vulnerability

Hackers are actively exploiting a critical SQL injection vulnerability in Ghost CMS (CVE-2026-26980) to compromise websites and distribute ClickFix malware through large-scale page-poisoning attacks. The vulnerability allows attackers to extract sensitive database contents without authentication, including the Ghost Admin API Key. Unlike the read-only Content API Key, this administrative key grants full control over posts…
Apache CXF Flaw Exposes Systems to LDAP Injection Attacks

May 26, 2026 11:00 AM

Tags: access, apache, attack, cve, cyber, flaw, injection, risk, service, unauthorized, vulnerability

Apache CXF users are facing a significant security risk following the disclosure of a new vulnerability that exposes systems to LDAP injection attacks, potentially allowing unauthorized access to sensitive certificate data. The issue, tracked as CVE-2026-44930, has been classified as “important” and affects the LDAP certificate repository within the XKMS (XML Key Management Specification) service…
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

May 25, 2026 3:00 PM

Tags: api, attack, cve, data, exploit, flaw, injection, malicious, sql, threat, vulnerability

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

May 25, 2026 3:00 PM

Tags: api, attack, cve, data, exploit, flaw, injection, malicious, sql, threat, vulnerability

Threat actors are exploiting a recently disclosed critical security flaw in Ghost CMS to inject malicious JavaScript code with an aim to fuel ClickFix attacks.According to QiAnXin XLab, the activity involves the exploitation of CVE-2026-26980 (CVSS score: 9.4), an SQL injection vulnerability in Ghost’s Content API that could allow an unauthenticated attacker to read arbitrary…
CISA Warns Drupal Core SQL Injection Vulnerability Is Being Exploited in Attacks

May 25, 2026 12:00 PM

Tags: attack, cisa, cve, cyber, cybersecurity, exploit, flaw, infrastructure, injection, kev, risk, sql, vulnerability

The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical SQL injection vulnerability in Drupal Core, tracked as CVE-2026-9082, which is now being actively exploited in the wild. The flaw has been added to CISA’s Known Exploited Vulnerabilities (KEV) catalog, signaling a high risk to organizations using affected Drupal deployments.…
(g+) ActiveMQ Jolokia Code-Injection: Schwachstelle Message Broker

May 25, 2026 11:00 AM

Tags: apache, api, cve, injection, vulnerability

CVE-2026-34197 in Apache ActiveMQ wird aktiv ausgenutzt. Die Schwachstelle liegt in der Jolokia-API, in einigen Versionen ist keine Authentisierung nötig. Was zu tun ist. First seen on golem.de Jump to article: www.golem.de/news/activemq-jolokia-code-injection-schwachstelle-message-broker-2605-208974.html
Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

May 24, 2026 5:00 PM

Tags: attack, exploit, flaw, injection, malicious, sql, vulnerability

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ghost-cms-sql-injection-flaw-exploited-in-large-scale-clickfix-campaign/
Security Affairs newsletter Round 578 by Pierluigi Paganini INTERNATIONAL EDITION

May 24, 2026 3:01 PM

Tags: attack, cve, email, extortion, flaw, injection, international, sql, WeeklyReview

A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack Why pure extortion is…
CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

May 23, 2026 8:00 PM

Tags: attack, cve, exploit, flaw, injection, sql, update, vulnerability

Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or…
Drupal Core SQL Injection Bug Actively Exploited, Added to CISA KEV

May 23, 2026 11:00 AM

Tags: cisa, cve, cybersecurity, exploit, flaw, infrastructure, injection, kev, sql, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a recently patched critical security flaw impacting Drupal Core to its Known Exploited Vulnerabilities (KEV) catalog, based on evidence of active exploitation.The vulnerability in question is CVE-2026-9082 (CVSS score: 6.5), an SQL injection vulnerability affecting all supported versions of Drupal Core.”Drupal Core First seen on…
Drupal: Critical SQL injection flaw now targeted in attacks

May 22, 2026 4:00 PM

Tags: attack, exploit, flaw, hacker, injection, sql, vulnerability

Drupal is warning that hackers are attempting to exploit a “highly critical” SQL injection vulnerability announced earlier this week. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/drupal-critical-sql-injection-flaw-now-targeted-in-attacks/
Megalodon Malware Rapidly Infects Over 5,500 GitHub Repositories

May 22, 2026 9:00 AM

Tags: cyber, github, injection, malicious, malware, open-source

A newly identified malware campaign dubbed “Megalodon” has compromised more than 5,500 GitHub repositories, raising serious concerns about the security of open-source ecosystems. Security researchers from SafeDep report that the malware spreads through malicious code injections hidden inside seemingly legitimate projects, targeting developers who unknowingly download and execute infected files. Megalodon Malware Infects Github Repo…