Vulnerabilities | News, how-tos, features, reviews, and videos
The list highlights the impact and prevalence of the 10 most critical vulnerabilities found in artificial intelligence applications based on LLMs.
At least one organization, UK payroll provider Zellis, has confirmed a breach via the MOVEit utility.
Newly discovered campaign takes advantage of the fact that most vulnerability scanning tools don't read compiled open-source software.
A SQL injection vulnerability has been found in the MOVEit Transfer web application, allowing an unauthenticated attacker to gain unauthorized access to MOVEit Transfer’s database.
Attackers can abuse the UEFI firmware to inject executable malware code into the Windows kernel, compromising systems.
Research highlights the risks posed by inactive Salesforce sites that continue to pull sensitive business data and can be easily exploited by malicious actors.
The vulnerability stemmed from incomplete input validation of user-supplied .tar files.
The new technique has a hacker simulate an archiving app in the web browser to trick victims as they try to access a .zip domain.
VulnCheck’s new database tracks exploits for fresh vulnerabilities in real time and allows for search using CVE IDs.
Some of the vulnerabilities could lead to complete compromise of the device as a proof of concept is publicly available.