‘HalluSquatting’ Turns AI Hallucinations Into Botnet Delivery Mechanism
Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution. The post ‘HalluSquatting’ Turns A...
Articles mapped to MITRE ATT&CK techniques. Select a technique to view matching articles.
359 articles found
Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution. The post ‘HalluSquatting’ Turns A...
A large-scale exploitation campaign is actively weaponising known vulnerabilities across multiple content management systems, with WordPress plugins forming ...
A critical vulnerability has been discovered in HP Linux Imaging and Printing Software (HPLIP), which exposes Linux systems to potential privilege escalation...
Foxit has released critical security updates to address multiple use-after-free vulnerabilities that could lead to remote code execution (RCE) in its widely ...
Google has released a critical security update for Chrome, upgrading the Stable channel to version 150.0.
Claude Desktop’s synced Personal Preferences feature can be exploited as a covert prompt-injection vector, transforming the AI assistant into a de facto comm...
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Lorex 2K Indoor Wi-Fi Security Cameras. Authentic...
Krayin CRM v2.2.
A significant security vulnerability in Google’s Gemini Live API has exposed applications to remote code execution (RCE) due to misconfigured ephemeral token...
Microsoft has disclosed a high-severity remote code execution (RCE) vulnerability in its Chromium-based Edge browser, identified as CVE-2026-57992. This vuln...
MCPJam Inspector - Remote Code Execution
Attackers are exploiting the critical Adobe ColdFusion flaw CVE-2026-48282, which allows remote code execution on unpatched servers. Attackers have started e...
A newly discovered deserialization vulnerability, tracked as CVE-2026-44963, affects Veeam Backup & Replication. This vulnerability allows authenticated doma...
A newly disclosed set of vulnerabilities in the widely used FatFs file system library is raising significant concerns across the embedded systems ecosystem. ...
It's Time to Upgrade Your SMB Session This week, Metasploit contributor Dean Welch has added an SMB to Meterpreter session upgrade module. It uses PsExec to ...
It's Time to Upgrade Your SMB Session This week, Metasploit contributor Dean Welch has added an SMB to Meterpreter session upgrade module. It uses PsExec to ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating ...
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution vulnerability patched in May. [.
CISA says threat actors are exploiting a recently patched SharePoint remote code execution vulnerability (CVE-2026-45659). The post CISA Warns of Actively Ex...
Adobe fixed multiple critical flaws, including max severity bugs in ColdFusion and Campaign Classic that could lead to remote code execution Adobe has releas...