Lucene search
K

50 matches found

The Hacker News
The Hacker News
added 2026/03/16 11:41 a.m.4 views

ClickFix Campaigns Spread MacSync macOS Infostealer via Fake AI Tool Installers

Three different ClickFix campaigns have been found to act as a delivery vector for the deployment of a macOS information stealer called MacSync. "Unlike traditional exploit-based attacks, this method relies entirely on user interaction – usually in the form of copying and executing commands –...

6.3AI score
Exploits0
Malwarebytes
Malwarebytes
added 2026/02/09 3:17 p.m.7 views

AI chat app leak exposes 300 million messages tied to 25 million users

An independent security researcher uncovered a major data breach affecting Chat & Ask AI, one of the most popular AI chat apps on Google Play and Apple App Store, with more than 50 million users. The researcher claims to have accessed 300 million messages from over 25 million users due to an...

5.6AI score
Exploits0
The Hacker News
The Hacker News
added 2026/01/06 5:21 p.m.14 views

Two Chrome Extensions Caught Stealing ChatGPT and DeepSeek Chats from 900,000 Users

Cybersecurity researchers have discovered two new malicious extensions on the Chrome Web Store that are designed to exfiltrate OpenAI ChatGPT and DeepSeek conversations alongside browsing data to servers under the attackers' control. The names of the extensions, which collectively have over 900,0...

6.4AI score
Exploits0
HackRead
HackRead
added 2025/10/27 6:49 p.m.4 views

‘ChatGPT Tainted Memories’ Exploit Enables Command Injection in Atlas Browser

LayerX Security found a flaw in OpenAI’s ChatGPT Atlas browser that lets attackers inject commands into its memory, posing major security and phishing risks...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2025-6651

Malicious code in bioql PyPI...

5.5CVSS5.7AI score0.00502EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2025-6631

Malicious code in bioql PyPI...

5.3CVSS4.9AI score0.00427EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-6656

Malicious code in bioql PyPI...

7.5CVSS7.5AI score0.00638EPSS
Exploits1References4
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2024-38530

Malicious code in bioql PyPI...

2.3CVSS6.6AI score0.00141EPSS
Exploits0References2
The Hacker News
The Hacker News
added 2025/09/20 5:31 a.m.4 views

ShadowLeak Zero-Click Flaw Leaks Gmail Data via OpenAI ChatGPT Deep Research Agent

Cybersecurity researchers have disclosed a zero-click flaw in OpenAI ChatGPT's Deep Research agent that could allow an attacker to leak sensitive Gmail inbox data with a single crafted email without any user action. The new class of attack has been codenamed ShadowLeak by Radware. Following...

6.1AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/23 7:32 a.m.6 views

CVE-2024-40594

The OpenAI ChatGPT app before 2024-07-05 for macOS opts out of the sandbox, and stores conversations in cleartext in a location accessible to other apps...

2.3CVSS6.8AI score0.00141EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/05/19 12:0 a.m.3 views

OpenAI ChatGPT 安全漏洞

OpenAI ChatGPT is a text-based artificial intelligence assistant from OpenAI, Inc. Interaction takes place in the form of a dialog. A security vulnerability exists in OpenAI ChatGPT versions 2025-03-30 and earlier, which stems from improper inline rendering of SVG documents and could lead to HTML...

6.5CVSS6.5AI score0.0038EPSS
Exploits1References2
The Hacker News
The Hacker News
added 2025/03/19 1:50 p.m.17 views

Leaked Black Basta Chats Suggest Russian Officials Aided Leader's Escape from Armenia

The recently leaked trove of internal chat logs among members of the Black Basta ransomware operation has revealed possible connections between the e-crime gang and Russian authorities. The leak, containing over 200,000 messages from September 2023 to September 2024, was published by a Telegram...

7.5AI score
Exploits0
RedhatCVE
RedhatCVE
added 2025/03/17 11:20 p.m.8 views

CVE-2025-2334

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access...

5.5CVSS6.9AI score0.00502EPSS
Exploits1References1
HackRead
HackRead
added 2025/03/17 9:26 p.m.74 views

Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week

In its latest research report, cybersecurity firm Veriti has spotted active exploitation of a vulnerability within "OpenAI's ChatGPT…...

6.5CVSS7AI score0.40637EPSS
Exploits2
RedhatCVE
RedhatCVE
added 2025/03/17 2:23 p.m.7 views

CVE-2025-2322

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5. It has been classified as critical. This affects an unknown part of the file /chatgpt-boot/src/main/java/org/springblade/modules/mjkj/controller/OpenController.java. The manipulation leads to hard-coded credentials. It is...

7.5CVSS6.5AI score0.00638EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/17 12:16 p.m.12 views

CVE-2025-2321

A vulnerability was found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this issue is some unknown functionality of the file /api/mjkj-chat/cgform-api/addData/. The manipulation of the argument chatUserID leads to business logic errors. The attack may be...

6.5CVSS6.7AI score0.0039EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/03/16 10:17 p.m.11 views

CVE-2025-2320

A vulnerability has been found in 274056675 springboot-openai-chatgpt e84f6f5 and classified as critical. Affected by this vulnerability is the function submit of the file /api/blade-user/submit of the component User Handler. The manipulation leads to improper authorization. The attack can be...

7.5CVSS6.7AI score0.00638EPSS
Exploits1References1
OSV
OSV
added 2025/03/15 11:15 p.m.6 views

CVE-2025-2334

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access...

9.1CVSS5AI score0.00502EPSS
Exploits1References4
NVD
NVD
added 2025/03/15 11:15 p.m.15 views

CVE-2025-2334

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access...

9.1CVSS0.00502EPSS
Exploits1References4
Cvelist
Cvelist
added 2025/03/15 11:0 p.m.13 views

CVE-2025-2334 274056675 springboot-openai-chatgpt Chat History chat deleteChat access control

A vulnerability classified as problematic has been found in 274056675 springboot-openai-chatgpt e84f6f5. This affects the function deleteChat of the file /api/mjkj-chat/chat/ai/delete/chat of the component Chat History Handler. The manipulation of the argument chatListId leads to improper access...

5.5CVSS0.00502EPSS
Exploits1References4
Rows per page
Query Builder