Tag: injection
-
Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution
Cybersecurity researchers have discovered a vulnerability in Google’s agentic integrated development environment (IDE), Antigravity, that could be exploited to achieve code execution.The flaw, since patched, combines Antigravity’s permitted file-creation capabilities with an insufficient input sanitization in Antigravity’s native file-searching tool, find_by_name, to bypass the program’s Strict First seen on thehackernews.com Jump to article: thehackernews.com/2026/04/google-patches-antigravity-ide-flaw.html
-
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/
-
Actively exploited Apache ActiveMQ flaw impacts 6,400 servers
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ongoing attacks exploiting a high-severity code injection vulnerability. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/actively-exploited-apache-activemq-flaw-impacts-6-400-servers/
-
SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files
Tags: cve, cvss, exploit, injection, malicious, open-source, rce, remote-code-execution, vulnerabilityA critical security vulnerability has been disclosed in SGLang that, if successfully exploited, could result in remote code execution on susceptible systems.The vulnerability, tracked as CVE-2026-5760, carries a CVSS score of 9.8 out of 10.0. It has been described as a case of command injection leading to the execution of arbitrary code.SGLang is a high-performance,…
-
Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet
FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/mirai-variant-dvr-flaw-iot-botnet/
-
Copilot & Agentforce offen für PromptTricks
Tags: access, ai, bug, cvss, cyberattack, injection, least-privilege, mail, microsoft, update, vulnerabilityKI-Agenten sind populär und anfällig dafür, missbraucht zu werden.KI-Agenten fürs Enterprise können bekanntlich Arbeitsabläufe optimieren. Aber auch die Datenexfiltration wie Sicherheitsforscher von Capsule Security herausgefunden haben. Sie haben sowohl in Microsoft Copilot Studio als auch Salesforce Agentforce Prompt-Injection-Schwachstellen entdeckt.Diese ermöglichen Angreifern in beiden Fällen schadhafte Befehle über scheinbar harmlose Prompts einzuschleusen mit potenziell verheerenden Folgen.…
-
TBK DVR Vulnerability CVE-2024-3721 Exploited to Spread Nexcorium DDoS Malware
Hackers are actively exploiting a critical vulnerability in TBK digital video recorder (DVR) devices to deploy a new Mirai-based botnet called Nexcorium. The campaign leverages CVE-2024-3721, an OS command injection vulnerability, highlighting how poorly secured IoT devices continue to fuel large-scale distributed denial-of-service (DDoS) attacks. Threat actors exploit CVE-2024-3721 by manipulating the “mdb” and “mdc”…
-
Spring AI SpEL Injection: From Vector Search to Remote Code Execution (CVE-2026-22738)
First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/spring-ai-spel-injection-from-vector-search-to-remote-code-execution-cve-2026-22738
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
SQL Kritische FortiClient-Schwachstelle wird in Angriffen genutzt
First seen on security-insider.de Jump to article: www.security-insider.de/cisa-forticclient-ems-sql-injection-cve-2026-21643-a-c93fd036b46b533d25fcc769d285ab24/
-
Wie Hacker über GitHub-Kommentare KI-Agenten von Google und Anthropic kapern
Ein Sicherheitsforscher hat eine neue Form der Prompt Injection aufgedeckt, die populäre KI-Tools wie Claude Code, Gemini CLI und GitHub Copilot verwundbar macht. Über präparierte Kommentare und PR-Titel können Hacker Schadcode ausführen und sensible API-Schlüssel extrahieren. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/github-kommentare-ki
-
Mirai Variant Nexcorium Exploits CVE-2024-3721 to Hijack TBK DVRs for DDoS Botnet
Threat actors are exploiting security flaws in TBK DVR and end”‘of”‘life (EoL) TP-Link Wi-Fi routers to deploy Mirai-botnet variants on compromised devices, according to findings from Fortinet FortiGuard Labs and Palo Alto Networks Unit 42.The attack targeting TBK DVR devices has been found to exploit CVE-2024-3721 (CVSS score: 6.3), a medium-severity command injection vulnerability affecting…
-
The Wall Around Claude 4.7 Does Not Extend to Dread
<div cla Anthropic released Claude Opus 4.7 on April 16, 2026 with automated cybersecurity safeguards and a Cyber Verification Program. Dark web intelligence from the same week, a cross-vendor prompt injection disclosure published the same morning, and the unanswered policy question of who decides which defenders deserve access to frontier AI all point to the…
-
The Wall Around Claude 4.7 Does Not Extend to Dread
<div cla Anthropic released Claude Opus 4.7 on April 16, 2026 with automated cybersecurity safeguards and a Cyber Verification Program. Dark web intelligence from the same week, a cross-vendor prompt injection disclosure published the same morning, and the unanswered policy question of who decides which defenders deserve access to frontier AI all point to the…
-
Microsoft, Salesforce Patch AI Agent Data Leak Flaws
Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker to leak sensitive data. First seen on darkreading.com Jump to article: www.darkreading.com/cloud-security/microsoft-salesforce-patch-ai-agent-data-leak-flaws
-
RCE by design: MCP architectural choice haunts AI agent ecosystem
sh, bash, powershell, curl, rm, and other high-risk binaries, they added.The core issue is that there’s currently no check in place to verify that a STDIO command is intended to initialize an MCP server rather than perform a malicious task. Furthermore, the researchers observed that even if the sent command fails to start the server,…
-
Copilot and Agentforce fall to form-based prompt injection tricks
PipeLeak: Salesforce Agentforce hijacked by a simple lead: In the Salesforce Agentforce case, attackers embed malicious instructions inside a public-facing lead form. When an internal user later asks the agent to review or process that lead, the agent executes the embedded instructions as if they were part of its task.According to a Capsule demonstration, the…
-
Copilot and Agentforce fall to form-based prompt injection tricks
PipeLeak: Salesforce Agentforce hijacked by a simple lead: In the Salesforce Agentforce case, attackers embed malicious instructions inside a public-facing lead form. When an internal user later asks the agent to review or process that lead, the agent executes the embedded instructions as if they were part of its task.According to a Capsule demonstration, the…
-
7 biggest healthcare security threats
Tags: access, ai, api, attack, breach, business, cloud, control, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, email, endpoint, google, government, hacking, healthcare, HIPAA, infrastructure, injection, insurance, Internet, phishing, risk, security-incident, service, software, spam, sql, threat, tool, vulnerabilityCloud vulnerabilities and misconfigurations: Many healthcare organizations have adopted cloud services as part of broader digital transformation initiatives. As a result, patient health information (PHI) and other sensitive data is increasingly being hosted in vendor cloud environments.The trend has broadened attack surface at healthcare organizations, says Anthony James, vice president of products at Infoblox, especially…
-
7 biggest healthcare security threats
Tags: access, ai, api, attack, breach, business, cloud, control, credentials, cyber, cyberattack, cybersecurity, dark-web, data, data-breach, email, endpoint, google, government, hacking, healthcare, HIPAA, infrastructure, injection, insurance, Internet, phishing, risk, security-incident, service, software, spam, sql, threat, tool, vulnerabilityCloud vulnerabilities and misconfigurations: Many healthcare organizations have adopted cloud services as part of broader digital transformation initiatives. As a result, patient health information (PHI) and other sensitive data is increasingly being hosted in vendor cloud environments.The trend has broadened attack surface at healthcare organizations, says Anthony James, vice president of products at Infoblox, especially…
-
Claude Mythos: Prepare for your board’s cybersecurity questions about the latest AI model from Anthropic
Tags: ai, api, application-security, attack, authentication, automation, best-practice, business, ceo, cisa, cloud, compliance, container, control, cve, cvss, cyber, cybersecurity, data, data-breach, endpoint, exploit, fedramp, finance, flaw, framework, governance, group, HIPAA, identity, injection, insurance, kev, law, linkedin, linux, LLM, macOS, network, PCI, risk, service, soc, software, strategy, technology, threat, update, vulnerability, vulnerability-management, windows, zero-day, zero-trustWith the Federal Reserve Chairman meeting with bank CEOs to discuss the security implications of Claude Mythos, you can bet that your board of directors will ask you about the impact of the AI model on your cybersecurity strategy. Here’s how to prepare. Key takeaways Anthropic announced Claude Mythos Preview, its most powerful general-purpose frontier…
-
New PHP Composer Flaws Enable Arbitrary Command Execution, Patches Released
Two high-severity security vulnerabilities have been disclosed in Composer, a package manager for PHP, that, if successfully exploited, could result in arbitrary command execution.The vulnerabilities have been described as command injection flaws affecting the Perforce VCS (version control software) driver. Details of the two flaws are below -CVE-2026-40176 (CVSS First seen on thehackernews.com Jump to…
-
SAP Patch Day Fixes Critical SQL Injection, DoS, and Code Injection Flaws
SAP released its monthly Security Patch Day updates, addressing 19 new security notes and one update to a previously released note. According to the official SAP Support Portal, these patches resolve severe vulnerabilities, including critical SQL injection, Denial of Service (DoS), and code injection flaws. SAP strongly advises all administrators to review these updates and…
-
CISA Warns Fortinet SQL Injection Flaw Is Being Actively Exploited
Tags: cisa, cve, cyber, cybersecurity, exploit, flaw, fortinet, infrastructure, injection, kev, sql, threat, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning regarding a critical security flaw in Fortinet software. On April 13, 2026, CISA added CVE-2026-21643 to its Known Exploited Vulnerabilities (KEV) catalog. This action confirms that threat actors are actively exploiting this weakness in real-world cyberattacks. CISA maintains this authoritative database to help…
-
CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software
Tags: adobe, cisa, cve, cybersecurity, exploit, flaw, fortinet, infrastructure, injection, microsoft, software, sql, vulnerabilityThe U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Monday added half a dozen security flaws to its Known Exploited Vulnerabilities (KEV) catalog, citing evidence of active exploitation.The list of vulnerabilities is as follows -CVE-2026-21643 (CVSS score: 9.1) – An SQL injection vulnerability in Fortinet FortiClient EMS that could allow an unauthenticated attacker to First seen on thehackernews.com…
-
Bypassing LLM Supervisor Agents Through Indirect Prompt Injection
Indirect prompt injection lets attackers bypass LLM supervisor agents by hiding malicious instructions in profile fields and contextual data. Learn how this attack works and how to defend against it. First seen on securityboulevard.com Jump to article: securityboulevard.com/2026/04/bypassing-llm-supervisor-agents-through-indirect-prompt-injection/