many parts make the whole
In it’s too good to be true news, what if you could just ask your target system to execute code? Lucas Luitjes has an interesting article about simply asking AI chatbots to execute code and it turns out they will! Sanitizing user input has been a known issue for quite some time. Without sanitized input … Read More “REMOTE CODE EXECUTION BY ASKING NICELY – InjectGPT” »
Veeam has recently disclosed a vulnerability which allows unauthenticated access to cleartext credentials. A bad actor would only require network access to exploit this vulnerability and it has been assigned a CVSS score of 7.5 HIGH. Versions before 12.0.0.1420 P20230223 and 11.0.1.1261 P20230227 are vulnerable. Leaked credentials are especially concerning in this case because they … Read More “Veeam Backup & Replication – CVE-2023-27532” »