Found 5 bookmarks
Custom sorting
Ivanti warns of three more CSA zero-days exploited in attacks
Ivanti warns of three more CSA zero-days exploited in attacks
American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.
#bleepingcomputer#EN#2024#Bypass#Ivanti#Code#Command#Actively#Remote#Services#Exploited#Injection#Execution#Security#Zero-Day#CSA#Cloud#Appliance#CVE-2024-9379#CVE-2024-9380#CVE-2024-9381
·bleepingcomputer.com·
Ivanti warns of three more CSA zero-days exploited in attacks
Data Exfiltration from Slack AI via indirect prompt injection
Data Exfiltration from Slack AI via indirect prompt injection
This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. This was responsibly disclosed to Slack (more details in Responsible Disclosure section at the end).
#promptarmor#EN#2024#Slack#prompt-injection#LLM#vulnerability#steal#indirect-prompt#injection
·promptarmor.substack.com·
Data Exfiltration from Slack AI via indirect prompt injection