Collecting Cyber-News from over 60 sources

Tag: injection

Fake Android Apps Commit Carrier Billing Fraud for Premium Services

May 21, 2026 4:00 PM

Tags: android, automation, detection, fraud, injection, service

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/fake-android-apps-carrier-billing-fraud
Fake Android Apps Commit Carrier Billing Fraud for Premium Svcs.

May 21, 2026 1:00 AM

Tags: android, automation, detection, fraud, injection

The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/fake-android-apps-carrier-billing-fraud
Patch Now: Critical Flaw in OT Robot OS Gives Attackers Control

May 20, 2026 7:00 PM

Tags: access, control, exploit, flaw, injection, update, vulnerability

An unauthenticated attacker can exploit the command injection vulnerability to gain remote access to robotic systems, causing significant disruption to the environment. First seen on darkreading.com Jump to article: www.darkreading.com/ics-ot-security/patch-now-critical-flaw-ot-robot-os
AI Agent Security: Automating Workflow Without Creating Prompt Injection or Data Leak Risks

May 20, 2026 12:00 AM

Tags: ai, data, injection, leak, risk

AI agent security starts with a simple fact: the more authority an agent has, the tighter its access… First seen on hackread.com Jump to article: hackread.com/ai-agent-security-automating-prompt-injection-data-leak/
PostgreSQL Flaws Expose Databases to Remote Code Execution and SQL Injection

May 19, 2026 12:00 PM

Tags: attack, cyber, flaw, group, injection, remote-code-execution, service, sql, update, vulnerability

PostgreSQL has released critical security updates addressing multiple high-impact vulnerabilities that could allow remote code execution (RCE), SQL injection, and denial-of-service (DoS) attacks across widely deployed database environments. The PostgreSQL Global Development Group announced the release of versions 18.4, 17.10, 16.14, 15.18, and 14.23, fixing 11 security flaws and more than 60 bugs. These vulnerabilities…
New image-based prompt injection attack targets multimodal AI models

May 18, 2026 4:01 PM

Tags: access, ai, attack, control, defense, exploit, framework, guide, injection, open-source

Researchers claim strong black-box transferability: The researchers evaluated the technique against multiple open-source LVLMs, including MiniGPT4, BLIP-2, InstructBLIP, BLIVA, and Qwen2.5-VL, the paper added.According to the paper, the attack achieved an average success rate of 66.36% across tested models, outperforming prior baseline attacks by roughly 41 percentage points.The researchers also said the technique demonstrated “strong…
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

May 18, 2026 2:00 PM

Tags: authentication, control, cvss, exploit, flaw, fortinet, injection, ivanti, rce, remote-code-execution, sap, sql, update, vmware, vulnerability

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.”External control of a file…
Ivanti, Fortinet, SAP, VMware, n8n Patch RCE, SQL Injection, Privilege Escalation Flaws

May 18, 2026 2:00 PM

Tags: authentication, control, cvss, exploit, flaw, fortinet, injection, ivanti, rce, remote-code-execution, sap, sql, update, vmware, vulnerability

Ivanti, Fortinet, n8n, SAP, and VMware have released security fixes for various vulnerabilities that could be exploited by bad actors to bypass authentication and execute arbitrary code.Topping the list is a critical flaw impacting Ivanti Xtraction (CVE-2026-8043, CVSS score: 9.6) that could be exploited to achieve information disclosure or client-side attacks.”External control of a file…
Autonomous systems are finally working. Security is next

May 15, 2026 1:00 PM

Tags: access, ai, cloud, credentials, data, defense, exploit, identity, infrastructure, injection, risk

Security still runs at human speed: Despite advances in infrastructure, cloud and AI, the underlying workflow of security operations has not fundamentally changed. At its core, security still operates as a human-driven process: Alerts are generated, analysts investigate, context is assembled manually and decisions are made under pressure. This model was sufficient when environments were…
Palo Alto Networks bets on identity security for autonomous AI with Idira launch

May 14, 2026 12:01 PM

Tags: ai, attack, business, ceo, ciso, cloud, credentials, cybersecurity, governance, identity, injection, intelligence, least-privilege, mfa, network, RedTeam, risk, soc, threat, tool, vulnerability

CISOs navigate AI risks: For enterprises, the launch reflects a broader industry shift toward identity-centric cybersecurity models as organizations deploy generative AI tools, autonomous agents, and cloud-native applications at scale.Analysts say the growing number of non-human identities is creating operational and security challenges because many existing identity systems were originally built to manage employees and…
SAP Releases Patch for Critical SQL Injection Flaw in S/4HANA

May 12, 2026 4:20 PM

Tags: cyber, data, flaw, injection, sap, software, sql, update, vulnerability

A severe vulnerability has struck the heart of enterprise resource planning systems this month, threatening organizations worldwide with potential data breaches. On May 12, 2026, the software giant released its monthly security patch update to address 15 newly discovered security flaws across its software ecosystem. Enterprise defenders must prioritize these updates immediately, as attackers frequently…
AI security is repeating endpoint security’s biggest mistake

May 11, 2026 5:20 PM

Tags: access, ai, api, automation, business, control, data, detection, edr, endpoint, governance, incident response, injection, LLM, monitoring, open-source, radius, risk, saas, sbom, soc, strategy, technology, threat, tool, update

Most AI security is still at the posture phase: Look at where most organizations are with AI security today. Model cards, AI-specific SBOMs, input and output filters, prompt injection guardrails and access controls around model APIs. These are valuable controls, but they reflect a posture-based approach. To truly enhance security, organizations must recognize the importance…
Google Fixes CVSS 10 Gemini CLI Vulnerability Enabling GitHub Issue-Based RCE

May 6, 2026 10:47 PM

Tags: cvss, github, google, hacker, injection, rce, remote-code-execution, supply-chain, vulnerability

Google patches a CVSS 10 Gemini CLI vulnerability that allowed hackers to use prompt injection and privilege escalation for a full supply chain compromise. First seen on hackread.com Jump to article: hackread.com/google-cvss-10-gemini-cli-vulnerability-github-rce/
Train like you fight: Why cyber operations teams need no-notice drills

May 6, 2026 11:48 AM

Tags: breach, business, cloud, communications, credentials, cyber, cybersecurity, detection, framework, healthcare, injection, login, military, psychology, ransomware, risk, skills, soc, threat, training, update

The Yerkes-Dodson inverted-U curve: Performance rises with arousal to an optimal point, then falls sharply.Wikimedia Commons, CC-ZeroWhat repeated no-notice drills do is shift a team’s position on that curve. By building familiarity with threat-level arousal, they raise the threshold at which stress becomes performance-impairing. The stimulus is no longer novel. The cascade is shorter. Executive…
Supply-chain attacks take aim at your AI coding agents

May 5, 2026 11:47 PM

Tags: advisory, ai, attack, business, control, cybersecurity, github, infrastructure, injection, LLM, malicious, programming, risk, skills, social-engineering, software, supply-chain, threat, tool

Using LLMs to trick LLMs: ReversingLabs’ researchers observed clear signs of vibe coding in the creation of these malicious components, including LLM-generated code comments. However, something else stood out: the level of detail in their README files and the way the documentaton boasted about how effective these packages were at performing their tasks.The researchers questioned…
MetInfo CMS CVE-2026-29014 Exploited for Remote Code Execution Attacks

May 5, 2026 3:48 PM

Tags: attack, cve, exploit, flaw, injection, open-source, remote-code-execution, threat, vulnerability

Threat actors are actively exploiting a critical security flaw impacting an open-source content management system (CMS) known as MetInfo, according to new findings from VulnCheck.The vulnerability in question is CVE-2026-29014 (CVSS score: 9.8), a code injection flaw that could result in arbitrary code execution.”MetInfo CMS versions 7.9, 8.0, and 8.1 contain an unauthenticated PHP code…
AI finds 20-year-old bugs in PostgreSQL and MariaDB

May 5, 2026 2:48 PM

Tags: ai, breach, credentials, cve, exploit, flaw, github, injection, nist, rce, remote-code-execution, sql, vulnerability

Inadequate JSON parsing allowed RCE on the MariaDB server: In MariaDB, a buffer overflow bug, tracked as CVE-2026-32710, was found in the JSON_SCHEMA_VALID() function using Xint Code. The vulnerability allows an authenticated user to trigger a crash, which, under controlled conditions, could be escalated into remote code execution.Compared to the PostgreSQL flaws, exploitation here is…
Command Injection – Mirai-Botnetz kompromittiert veraltete DRouter

May 5, 2026 7:48 AM

Tags: botnet, injection, router

First seen on security-insider.de Jump to article: www.security-insider.de/d-link-dir-823x-mirai-rce-cve-2025-29635-a-c602535aa43d77ded05dd61237da09a5/
Indirect Prompt Injection Is Now a Real-World AI Security Threat

May 4, 2026 10:49 PM

Tags: ai, injection, threat

AI agents are now being weaponized through prompt injection, exposing why model guardrails are not enough to protect enterprise data. The post Indirect Prompt Injection Is Now a Real-World AI Security Threat appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-ai-agents-prompt-injection-data-security/
Security for AI: A strategic framework for closing the AI exposure gap

May 4, 2026 5:48 PM

Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, control, data, data-breach, detection, endpoint, exploit, flaw, framework, governance, identity, infrastructure, injection, jobs, least-privilege, LLM, malicious, microsoft, risk, risk-analysis, saas, service, software, threat, tool, unauthorized, vulnerability

As AI adoption accelerates, CISOs face a dual challenge: fueling innovation while mitigating the risks of a rapidly expanding attack surface. Tenable’s five-step framework for securing AI offers a systematic approach to reducing AI security risks as your organization races to achieve the productivity benefits of AI. Key takeaways Get a five-step framework to help…
Security for AI: A strategic framework for closing the AI exposure gap

May 4, 2026 5:48 PM

Tags: access, ai, api, attack, breach, business, ciso, cloud, compliance, control, data, data-breach, detection, endpoint, exploit, flaw, framework, governance, identity, infrastructure, injection, jobs, least-privilege, LLM, malicious, microsoft, risk, risk-analysis, saas, service, software, threat, tool, unauthorized, vulnerability

As AI adoption accelerates, CISOs face a dual challenge: fueling innovation while mitigating the risks of a rapidly expanding attack surface. Tenable’s five-step framework for securing AI offers a systematic approach to reducing AI security risks as your organization races to achieve the productivity benefits of AI. Key takeaways Get a five-step framework to help…
Wie Angreifer KI-Modelle durch Prompt-Injection gezielt täuschen

May 4, 2026 5:48 PM

Tags: ai, injection, intelligence, threat

Cloudflares Threat-Intelligence-Team Cloudforce One hat einen neuen Forschungsbericht veröffentlicht, der zeigt, wie Angreifer gezielt die Urteilsfähigkeit von KI-Modellen manipulieren mit teils alarmierenden Erfolgsquoten. Zum Hintergrund: Für die Studie wurden sieben führende KI-Modelle (Frontier- und Non-Frontier-Modelle) systematisch getestet. Das Ergebnis: Angreifer nutzen sogenannte “Lures” Textbausteine, mit denen KI-Modelle gezielt manipuliert oder verwirrt werden können […] First…
Security agencies draw red lines around agentic AI deployments

May 4, 2026 2:49 PM

Tags: access, advisory, ai, automation, awareness, cisa, control, data, governance, injection, international, monitoring, risk, risk-management, tool

Continuous monitoring with human-in-the-loop control: While the first half of the advisory focused on limiting what agents can do, the second was about watching what they actually do, reacting quickly when things go sideways.”Operators should implement continuous monitoring and auditing to maintain awareness of AI agent operation and ensure traceability for decisions and actions,” CISA…
PoC Disclosed for Critical Root ASUSTOR ADM RCE Flaw

Apr 30, 2026 1:39 PM

Tags: cve, cvss, cyber, data, flaw, injection, rce, remote-code-execution, vpn, vulnerability

A critical vulnerability, tracked as CVE-2026-6644, has been uncovered in ASUSTOR’s ADM (ASUSTOR Data Master) operating system. Specifically, the flaw exists within the PPTP VPN Client feature. Carrying a CVSS v4.0 score of 9.4, this OS command injection vulnerability allows an authenticated administrator to execute arbitrary commands with root privileges. ASUSTOR has since addressed the…
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release

Apr 30, 2026 12:39 PM

Tags: authentication, control, cve, cvss, cyber, exploit, flaw, injection, login, vulnerability, zero-day

A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control over servers. The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the application’s session…
Attackers Exploit cPanel Authentication Bypass 0-Day After PoC Release

Apr 30, 2026 12:39 PM

Tags: authentication, control, cve, cvss, cyber, exploit, flaw, injection, login, vulnerability, zero-day

A critical zero-day vulnerability, tracked as CVE-2026-41940, is currently being actively exploited across the web hosting industry. This CVSS 9.8 flaw allows unauthenticated remote attackers to bypass cPanel and WHM login mechanisms, granting them full administrative control over servers. The vulnerability stems from a Carriage Return Line Feed (CRLF) injection flaw within the application’s session…
Stopping the quiet drift toward excessive agency with re-permissioning

Apr 30, 2026 11:38 AM

Tags: access, ai, api, attack, ciso, control, data, finance, framework, injection, least-privilege, network, risk, risk-management, service, supply-chain, tool, unauthorized, update

Excessive agency directly proportional to over-permissioning: Organizations are worried about the level of autonomy AI introduces into their operational framework. Nearly three-quarters of organizations say agents often receive more access than necessary. It’s this excessive agency that needs to be reined in.In practice, unchecked autonomy within a particular workflow means the agent can access systems…
Backdoored WordPress Plugin Abuses Remote Update Checker for Silent Code Delivery

Apr 30, 2026 11:38 AM

Tags: backdoor, cyber, injection, malicious, update, wordpress

A long-dormant backdoor has been uncovered in the >>Quick Page/Post Redirect Plugin,<< a popular WordPress add-on with over 70,000 active installations. The tampered plugin, specifically version 5.2.3, contained two distinct malicious features. First, it featured a passive content injection mechanism. On every page viewed by a logged-out user, the plugin connected to a third-party server…
ProFTPD SQL Injection Flaw Opens Door To Remote Code Execution Attacks

Apr 30, 2026 7:39 AM

Tags: attack, authentication, cve, cvss, cyber, flaw, injection, mitre, remote-code-execution, sql

A newly disclosed flaw in ProFTPD is drawing urgent attention because it can let attackers move from a simple SQL injection bug to authentication bypass, privilege escalation, and in some environments even remote code execution. Tracked as CVE-2026-42167, the issue was found in ProFTPD’s mod_sql extension by ZeroPath Research, and MITRE assigned it a CVSS…
CVE-2026-42208: LiteLLM bug exploited 36 hours after its disclosure

Apr 29, 2026 11:40 PM

Tags: access, api, cve, data, exploit, flaw, injection, sql, vulnerability

Attackers quickly exploited a critical LiteLLM flaw (CVE-2026-42208) to access and modify sensitive database data via SQL injection. Attackers rapidly exploited a critical vulnerability in LiteLLM Python package, tracked as CVE-2026-42208, just days after it became public. The vulnerability, an SQL injection in the proxy API key verification process, lets attackers access and potentially modify database…