Search cyberveille.decio.ch

Found 3 bookmarks

Custom sorting

Data Exfiltration from Slack AI via indirect prompt injection

This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. This was responsibly disclosed to Slack (more details in Responsible Disclosure section at the end).

#promptarmor #EN #2024 #Slack #prompt-injection #LLM #vulnerability #steal #indirect-prompt #injection

·promptarmor.substack.com·Aug 20, 2024

Data Exfiltration from Slack AI via indirect prompt injection

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Discover key insights into the recently disclosed Cisco NX-OS software CLI vulnerability (CVE-2024-20399) affecting numerous Cisco Nexus devices.

#sygnia #EN #2024 #CVE-2024-20399 #Cisco #NX-OS #Command #Injection #Nexus

·sygnia.co·Jul 2, 2024

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Security Flaw in WP-Members Plugin Leads to Script Injection

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

#securityweek #EN #2024 #plugin #WP #Wordpress #WP-Members #Injection #vulnerability

·securityweek.com·Apr 4, 2024

Security Flaw in WP-Members Plugin Leads to Script Injection