SQL Injection Vulnerability in Microsoft DevBlogs Enables Malicious SQL
A security researcher recently discovered a critical SQL injection vulnerability on Microsoft's DevBlogs site (https://devblogs.microsoft.com), allowing attackers to manipulate the database with malicious SQL queries, threatening platform security and data [...]
FunkSec Ransomware Leads December Attacks, Compromising 85 Victims
FunkSec, a RaaS operator, utilizes artificial intelligence to evolve threat actor strategies. While AI aids in scaling operations and generating ransomware, its sophistication remains limited. FunkSec Ransomware Recycled or fabricated [...]
ChatGPT Crawler Flaw Enables DDoS Attacks on Websites
A critical vulnerability in OpenAI's ChatGPT API allows attackers to launch DDoS attacks on arbitrary websites by exploiting how the API handles HTTP POST requests to the endpoint https://chatgpt[.]com/backend-api/attributions. The [...]
Azure DevOps flaws allow CRLF injection and DNS rebinding attacks
Security researchers have uncovered multiple Azure DevOps vulnerabilities, enabling CRLF injection and DNS rebinding attacks. Discovered by Binary Security during a client engagement, these flaws expose critical risks in the [...]
Apple is offering an Information Security Internship – Apply Now
Apple has announced an exciting Information Security Internship in London, designed for tech-savvy students passionate about starting a career in cybersecurity. This opportunity allows interns to work alongside some of [...]
Get Social