Login Subscribe

Vulnerabilities & Exploits

GoAnywhere MFT Zero‑Day Bypasses Firewalls, Lets Attackers Run Code

GoAnywhere MFT Zero‑Day Bypasses Firewalls, Lets Attackers Run Code

A critical zero‑day in GoAnywhere Managed File Transfer (MFT) was disclosed by VMware Security. The flaw allowed unauthenticated attackers to upload a malicious payload and achieve remote code execution on any server running an unpatched version of the product. Because the exploit works through the application’s web interface,

Indirect Prompt Injection Hijacks AI Agents via Web UI Manipulation

Indirect Prompt Injection Hijacks AI Agents via Web UI Manipulation

Palo Alto Networks’ Unit42 team identified a new class of indirect prompt injection attacks where threat actors compromise web interfaces that relay user‑generated content to backend AI agents. By inserting specially crafted text into form fields, comments, or API payloads, the attackers embed hidden prompts that steer the AI

GoAnywhere MFT Zero‑Day Bypasses Perimeter Defenses, Exposes File Transfer Core

GoAnywhere MFT Zero‑Day Bypasses Perimeter Defenses, Exposes File Transfer Core

VMware’s investigation uncovered a high‑severity deserialization flaw in the GoAnywhere Managed File Transfer (MFT) platform. The zero‑day allowed an attacker to achieve remote code execution without authentication, effectively taking control of the file‑transfer service. Because GoAnywhere often sits behind the corporate firewall and is trusted for

Hidden Web Scripts Hijack AI Agents via Indirect Prompt Injection

Hidden Web Scripts Hijack AI Agents via Indirect Prompt Injection

Researchers at Unit42 observed attackers placing specially crafted strings inside ordinary web pages—HTML, JavaScript, or comments—that are later consumed by AI agents performing web‑scraping or content‑analysis tasks. When the AI parses the page, the malicious payload is treated as part of its prompt, causing the model

OAuth Redirect Abuse Bypasses Defenses, Powers New Phishing Campaigns

OAuth Redirect Abuse Bypasses Defenses, Powers New Phishing Campaigns

Microsoft researchers discovered that threat actors are weaponizing OAuth’s redirect_uri parameter to create phishing links that appear to come from trusted cloud services. By registering or compromising legitimate client IDs and then swapping the redirect endpoint for a malicious domain, the attackers can deliver payloads after the user

AI Model Theft and Roundcube Webmail Exploits Surge in March

AI Model Theft and Roundcube Webmail Exploits Surge in March

Checkpoint’s March threat report warns of a coordinated campaign that combines two distinct attack vectors. Adversaries are creating fraudulent accounts on cloud platforms to download and exfiltrate large AI models, while a separate group is actively exploiting two publicly disclosed vulnerabilities in Roundcube Webmail to gain unauthorized access to

Chrome Extension Hijack Exploits New Gemini Panel, Threatening Sessions and Prompt Data

Chrome Extension Hijack Exploits New Gemini Panel, Threatening Sessions and Prompt Data

Palo Alto Networks discovered that malicious Chrome extensions can intercept and manipulate the newly added Gemini panel. By injecting script into the panel’s UI, the extensions can hijack active user sessions, capture authentication tokens, and siphon AI model prompts entered by the user. The flaw arises from insufficient isolation