#sql-injection

[ follow ]
#cybersecurity #seo-fraud #ghostredirector #rungan #gamshen #prompt-injection #llms #security-breach #data-leak
Information security
fromComputerWeekly.com
5 days ago

NCSC warns of confusion over true nature of AI prompt injection | Computer Weekly

Prompt injection attacks against LLMs differ from SQL injection and may be harder to mitigate, increasing risks of data leaks, disinformation, and malicious guidance.
Information security
fromTheregister
3 months ago

New China-aligned crew poisons Windows servers for SEO fraud

GhostRedirector used novel malware to compromise at least 65 Windows servers worldwide to manipulate Google search rankings for gambling sites.
Information security
fromThe Hacker News
3 months ago

GhostRedirector Hacks 65 Windows Servers Using Rungan Backdoor and Gamshen IIS Module

GhostRedirector compromises Windows servers to deploy Rungan backdoor and Gamshen IIS module, enabling SEO fraud by manipulating Googlebot responses and executing commands via SQL injection.
Mobile UX
fromArs Technica
5 months ago

Provider of covert surveillance app spills passwords for 62,000 users

A significant security breach exposed sensitive data of 62,000 users due to vulnerabilities in the Catwatchful app.
fromTheregister
5 months ago

Anthropic won't fix a bug in its SQLite MCP server

Anthropic's decision to leave the SQL injection vulnerability unpatched perpetuates a significant security threat to AI agents that depend on their SQLite Model Context Protocol.
Artificial intelligence
Tech industry
fromThe Hacker News
6 months ago

China-Linked Hackers Exploit SAP and SQL Server Flaws in Attacks Across Asia and Brazil

A China-linked threat actor is exploiting critical SAP NetWeaver vulnerabilities against organizations in Asia and Brazil since 2023.
The threat actor targets SQL injection vulnerabilities to infiltrate organizations.
[ Load more ]