Researchers claim breakthrough in fight against AI’s frustrating #security hole

In the #AI world, a #vulnerability called "prompt injection" has haunted developers since #chatbots went mainstream in 2022. Despite numerous attempts to solve this fundamental vulnerability—the digital equivalent of whispering secret instructions to override a system's intended behavior—no one has found a reliable solution. Until now, perhaps.
#promptinjection

https://arstechnica.com/information-technology/2025/04/researchers-claim-breakthrough-in-fight-against-ais-frustrating-security-hole/

Firefox Fixes High-Severity Vulnerability Causing Memory Corruption via Race Condition https://gbhackers.com/firefox-fixes-high-severity-vulnerability/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity #FirefoxNews #Firefox

You can now share your thoughts on vulnerability CVE-2025-39581 in Vulnerability-Lookup:
https://vulnerability.circl.lu/vuln/CVE-2025-39581

themifyme - Themify Shortcodes

Critical Vulnerability Found in Apache Roller Blog Server https://www.securityweek.com/critical-vulnerability-found-in-apache-roller-blog-server/ #Vulnerabilities #vulnerability #ApacheRoller

Critical Vulnerability Found in Apache Roller Blog Server https://www.securityweek.com/critical-vulnerability-found-in-apache-roller-blog-server/ #Vulnerabilities #vulnerability #ApacheRoller

Tails 6.14.2 Released with Critical Fixes for Linux Kernel Vulnerabilities https://gbhackers.com/tails-6-14-2-released/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities https://www.securityweek.com/chrome-135-firefox-137-updates-patch-severe-vulnerabilities/ #Vulnerabilities #vulnerability #Firefox #Chrome

Chrome 135, Firefox 137 Updates Patch Severe Vulnerabilities https://www.securityweek.com/chrome-135-firefox-137-updates-patch-severe-vulnerabilities/ #Vulnerabilities #vulnerability #Firefox #Chrome

Critical authentication bypass and OS command injection flaws in Mitsubishi Electric smartRTU
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-authentication-bypass-and-os-command-injection-flaws-in-mitsubishi-electric-smartrtu-8-5-t-t-q/gD2P6Ple2L

CISA Issues 9 New ICS Advisories Addressing Critical Vulnerabilities https://gbhackers.com/cisa-issues-9-new-ics-advisories/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity

You know when you see news articles about hacks of password databases or critical vulnerabilities in popular software, they usually quote a "CVE" number that officially identified the issue and allowed it to be defined precisely, and tracked? Well that's gone as of today. Looks like the trump regime has cancelled one off the foundational authorities on cybersecurity, the CVE or Common Vulnerabilities and Exposures program, without explanation. Basically the whole of "tech" relies on this, but I guess it's just America supporting the rest of the world, so it has to go. #cybersecurity #cybersec #cve #vulnerability #VulnerabilityDatabase

Edits: typos/autocorrupt

Oracle Issues Patch for 378 Vulnerabilities in Major Security Rollout https://gbhackers.com/oracle-issues-patch-for-378-vulnerabilities/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity

Critical security vulnerabilities patched in Google Chrome
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-security-vulnerabilities-patched-in-google-chrome-9-i-0-8-s/gD2P6Ple2L

Critical session management vulnerability reported in Apache Roller
#cybersecurity #infosec #advisory #vulnerability
https://beyondmachines.net/event_details/critical-session-management-vulnerability-reported-in-apache-roller-e-8-c-r-d/gD2P6Ple2L

@adamshostack 's thoughts on the cancellation of CVE funding.

https://shostack.org/blog/thoughts-on-cve/

MITRE Ends CVE Program Support – Leaked Internal Memo Confirms Departure https://gbhackers.com/mitre-ends-cve-program-support/ #CVE/vulnerability #CyberSecurityNews #cybersecurity #Vulnerability

Critical Chrome Vulnerability Exposes Users to Data Theft and Unauthorized Access https://gbhackers.com/critical-chrome-vulnerability-2/ #CVE/vulnerability #CyberSecurityNews #Vulnerability #cybersecurity #Chrome #Google

CVE-2025-21299: Unguarding Microsoft Credential Guard:

https://www.netspi.com/blog/technical-blog/adversary-simulation/cve-2025-21299-cve-2025-29809-unguarding-microsoft-credential-guard/

Just under 900 IPs and counting in the last 12 hours coming at my infra:

---
403 343 - - ---- 3/3/0/0/0 0/0 {bogl.no} "POST /xmlrpc.php HTTP/1.1"
---

Critical Chrome Vulnerability Let Attackers Steal Data & Gain Unauthorized Access https://cybersecuritynews.com/critical-chrome-vulnerability-steal-data/ #CyberSecurityNews #cybersecuritynews #CyberSecurity #cybersecurity #vulnerability