-
The latest technique, uncovered by AI researcher @LLMSherpa on X (formerly Twitter), exposes a little-known vulnerability in OpenAI’s ChatGPT system, a prompt insertion attack leveraging the user’s OpenAI account name. Unlike traditional prompt injections, which typically involve cleverly crafted user input, this method exploits the way OpenAI stores the account name within ChatGPT’s internal system […] The post New Prompt Insertion Attack – OpenAI Account Name Used to Trigger ChatGPT Jailbreaks appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In early August 2025, security researchers uncovered an unprecedented campaign targeting India’s BOSS Linux installations through seemingly innocuous shortcut files. These files, masquerading as PDF documents, leverage the .desktop format intrinsic to Linux desktop environments to deliver and execute malicious payloads. Initial access is gained via spear-phishing emails containing a ZIP archive named “Meeting_Notice_Ltr_ID1543ops.pdf_.zip.” When […] The post APT36 Hackers Attacking Indian BOSS Linux Systems With Weaponized .desktop Shortcut Files appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Microsoft today announced the public preview of a new VM Conversion extension for Windows Admin Center, enabling IT administrators to migrate virtual machines from VMware vCenter to Hyper-V with minimal downtime. Available at no cost during i…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
WhatsApp Desktop users who have Python installed on their Windows PCs are at risk of arbitrary code execution due to a flaw in how the application handles Python archive files. A maliciously crafted .pyz file can be executed with a single click, granting attackers full control over the victim’s system. Meta has yet to classify this […] The post WhatsApp Desktop Users At Risk of Code Execution Attacks with Python on Windows PCs appeared first on Cyber Security News.
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
In August 2025, researchers at George Mason University published a groundbreaking study at the 34th USENIX Security Symposium, introducing OneFlip, an inference-time backdoor attack that flips just one bit in full-precision neural networks to implant stealth triggers. Unlike traditional backdoor methods that require poisoning training data or manipulating the training process, OneFlip operates entirely at […] The post OneFlip – New Attack Flips a Single Bit in Neural Networks for Stealthily Backdoor on AI Systems appeared first on Cyber Security…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A proof-of-concept exploit for a high-severity Google Chrome zero-day vulnerability has been published publicly, less than three months after the flaw was first disclosed, amid reports of active in-the-wild exploitation. The vulnerability, tracked as C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Cybersecurity researchers have identified a resurgence of SpyNote malware campaigns targeting Android users through sophisticated fake Google Play Store websites. The malicious actor behind these attacks has implemented new anti-analysis techniques and…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
Threat actors are increasingly refining Android droppers to circumvent enhanced security measures, extending their utility beyond sophisticated banking trojans to simpler malware variants like SMS stealers and basic spyware. Historically, droppers serv…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert regarding a critical vulnerability in Git (CVE-2025-48384) that enables arbitrary file writes and has already been observed in active exploitation campaigns. The fla…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
-
A critical Server-Side Request Forgery (SSRF) vulnerability has been discovered in the popular PhpSpreadsheet library, allowing attackers to inject malicious HTML input when processing spreadsheet documents. The vulnerability, assigned C…
¶¶¶¶¶
¶¶¶¶¶
¶¶¶¶¶
