Biometric Terminal Exposed to QR Code SQL Injection Vulnerability
A popular ZKTeco biometric terminal has critical vulnerabilities, including an SQL injection flaw via QR codes. This discovery raises serious concerns about the security of widely used biometric access control [...]
EmailGPT Vulnerability Exposes Sensitive Data to Attackers
A new prompt injection vulnerability, CVE-2024-5184, has been found in EmailGPT, the service and Chrome plugin that assists Gmail users in composing emails with OpenAI's GPT model. This vulnerability allows [...]
PoC Exploit Released for Veeam Authentication Bypass Flaw
A PoC exploit has been released for the critical Veeam Backup Enterprise Manager authentication bypass vulnerability, CVE-2024-29849, with a CVSS score of 9.8. This article explores the vulnerability, exploit, and [...]
Muhstik Malware Attacks Apache RocketMQ for Remote Code Execution
Apache RocketMQ, a widely used messaging system for handling high volumes of data and critical operations, often attracts hackers. Exploiting RocketMQ vulnerabilities allows attackers to disrupt communications, access sensitive information, [...]
Fog Ransomware Targets Windows Servers Admins for RDP Logins
The new 'Fog' ransomware targets US education and recreation businesses. Attackers used compromised VPN credentials from two different providers to access victim environments. They employed pass-the-hash attacks on administrator accounts [...]
Get Social