Hackers Exploit ChatGPT with CVE-2024-27564, 10,000+ Attacks in a Week

In its latest research report, cybersecurity firm Veriti has spotted active exploitation of a vulnerability within "OpenAI's ChatGPT…...

brickcityboxing.com Cross Site Scripting vulnerability OBB-4031596

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ereagle.com Cross Site Scripting vulnerability OBB-4031234

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

ezinemart.com Cross Site Scripting vulnerability OBB-3922084

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

Password Manager Firms Blast Back at ‘Leaky Password’ Revelations

Secure password firms 1Password, Dashlane, KeePass and LastPass are blasting a research report that highlights how a local adversary can crack open and steal passwords stored by the utilities. The uproar began Tuesday when lead researcher, Adrian Bednarek with Independent Security Evaluators ISE,...

Abbott Addresses Life-Threatening Flaw in a Half-Million Pacemakers

About 350,000 implantable defilibrators are up for a firmware update, to address potentially life-threatening vulnerabilities. Abbott formerly St. Jude Medical has released another upgrade to the firmware installed on certain implantable cardioverter defibrillator ICD or cardiac resynchronization...

Inflection: Host Header Injection and Cache Poisoning

Researcher submitted a report duplicating an issue that had already been reported to us, and then requested that we disclose this report publicly. So here we are...

SHA-1 Collisions Research

Today, a group of eight researchers from across the security industry released a research report on SHA-1 that demonstrates for the first time, a “hash collision” for the full SHA-1 hash algorithm called “SHAttered”. This is a significant step toward understanding this type of security issue, a...

Following the Malware Supply Chain

While many outside of the security industry still perceive “hackers” as teenagers or isolated geeks who work alone, a recent research report encourages the general public to see malware as a cooperative industry that supports specialists, economies, and supply chains. Read the full article. Dark...