Malicious code in openai-examples (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 0209fe94e2a98b2966850b302c4c2dda331437ead2871a609a8677cdc85516fc Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

MAL-2024-9174 Malicious code in openai-bun-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 224d5cc373a08c5cb79261ea9fc3c71f16a5b2b64a3582fd82a1f624e541448d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious code in openai-bun-test (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 224d5cc373a08c5cb79261ea9fc3c71f16a5b2b64a3582fd82a1f624e541448d Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

Malicious Package

Overview openai-bun-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

Malicious Package

Overview openai-bun-test is a malicious package. This package contains malicious code that collects sensitive information about the victim and sends it to the attacker's remote server. While this package might be attempting to impersonate a valid organization, there is no connection between that...

AI Pulse: What's new in AI regulations?

Fall is in the air and frameworks for mitigating AI risk are dropping like leaves onto policymakers’ desks. From California’s SB 1047 bill and NIST’s model-testing deal with OpenAI and Anthropic to REAIM’s blueprint for military AI governance, AI regulation is proving to be a hot and complicated...

WordPress AI Chatbot with ChatGPT by AYS plugin <= 2.0.9 - Unauthenticated OpenAI Key Disclosure vulnerability

Unauthenticated OpenAI Key Disclosure vulnerability discovered by Kieran Burge in WordPress Plugin AI ChatBot with ChatGPT and Content Generator by AYS versions = 2.0.9...

CVE-2024-7713

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

CVE-2024-7714

CVE-2024-7714 affects the WordPress plugin AI Assistant with ChatGPT and Content Generator by AYS (versions prior to 2.1.0). The Nuclei/patchstack entries describe an insufficient access control flaw that lets an unauthenticated user trigger actions (ays_chatgpt_disconnect, ays_chatgpt_connect, a...

CVE-2024-7713 AI Chatbot with ChatGPT by AYS <= 2.0.9 - Unauthenticated OpenAI Key Disclosure

The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin before 2.1.0 discloses the Open AI API Key, allowing unauthenticated users to obtain it...

WordPress plugin AI Chatbot with ChatGPT by AYS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress plugin AI Chatbot...

WordPress plugin AI Assistant with ChatGPT by AYS 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

PT-2024-38529 · Ays · Ayswp Chatbot

Name of the Vulnerable Software and Affected Versions: The AI ChatBot with ChatGPT and Content Generator by AYS WordPress plugin versions prior to 2.1.0 Description: The issue allows unauthenticated users to obtain the Open AI API Key. This is due to the disclosure of the Open AI API Key in the...

ChatGPT macOS Flaw Could've Enabled Long-Term Spyware via Memory Function

A now-patched security vulnerability in OpenAI's ChatGPT app for macOS could have made it possible for attackers to plant long-term persistent spyware into the artificial intelligence AI tool's memory. The technique, dubbed SpAIware, could be abused to facilitate "continuous data exfiltration of...

WordPress SmartSearchWP plugin < 2.4.6 - Unauthenticated OpenAI Key Disclosure vulnerability

Unauthenticated OpenAI Key Disclosure vulnerability discovered by Kieran Burge in WordPress Plugin SmartSearch WP versions 2.4.6...

CVE-2024-6845

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

CVE-2024-6845

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

CVE-2024-6845 SmartSearchWP < 2.4.6 - Unauthenticated OpenAI Key Disclosure

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

CVE-2024-6845 SmartSearchWP < 2.4.6 - Unauthenticated OpenAI Key Disclosure

The Chatbot with ChatGPT WordPress plugin before 2.4.6 does not have proper authorization in one of its REST endpoint, allowing unauthenticated users to retrieve the encoded key and then decode it, thereby leaking the OpenAI API key...

CVE-2024-6845

CVE-2024-6845 affects SmartSearchWP (Chatbot with ChatGPT WordPress plugin)