EmailGPT Vulnerability Exposes Sensitive Data to Attackers
A new prompt injection vulnerability, CVE-2024-5184, has been found in EmailGPT, the service and Chrome plugin that assists Gmail users in composing emails with OpenAI's GPT model. This vulnerability allows [...]
PoC Exploit Released for Veeam Authentication Bypass Flaw
A PoC exploit has been released for the critical Veeam Backup Enterprise Manager authentication bypass vulnerability, CVE-2024-29849, with a CVSS score of 9.8. This article explores the vulnerability, exploit, and [...]
Muhstik Malware Attacks Apache RocketMQ for Remote Code Execution
Apache RocketMQ, a widely used messaging system for handling high volumes of data and critical operations, often attracts hackers. Exploiting RocketMQ vulnerabilities allows attackers to disrupt communications, access sensitive information, [...]
Fog Ransomware Targets Windows Servers Admins for RDP Logins
The new 'Fog' ransomware targets US education and recreation businesses. Attackers used compromised VPN credentials from two different providers to access victim environments. They employed pass-the-hash attacks on administrator accounts [...]
Cisco Webex Meetings Flaw Enables Unauthorized Access
Cisco disclosed a major security vulnerability in its Webex Meetings platform, affecting some customers in its Frankfurt data center since early May 2024. The vulnerability in Cisco Webex Meetings, found [...]
FHN 
