Aggregator

OpenAI seems to have implemented some mitigation steps for a well-known data exfiltration vulnerability in ChatGPT. Attackers can use image markdown rendering during prompt injection attacks to send data to third party servers without the users’ consent.

The fix is not perfect, but a step into the right direction. In this post I share what I figured out so far about the fix after looking at it briefly this morning.

一些BAT的XSS实例（九）番外篇

不忘初心px1624

2 years 3 months ago

前言本来该系列只有八篇，这篇是由于之前设计题目的过程中，别人给出了多个我没想到的解法思路，所以就专门写了这个

一些BAT的XSS实例（九）番外篇

不忘初心px1624

2 years 3 months ago

前言本来该系列只有八篇，这篇是由于之前设计题目的过程中，别人给出了多个我没想到的解法思路，所以就专门写了这个

一些BAT的XSS实例（九）番外篇

不忘初心px1624

2 years 3 months ago

前言本来该系列只有八篇，这篇是由于之前设计题目的过程中，别人给出了多个我没想到的解法思路，所以就专门写了这个

Spike in Atlassian Exploitation Attempts: Patching is Crucial

Grey Noise

2 years 3 months ago

In the blog we discuss the importance of securing your Atlassian products, provide valuable insights on various IP activities, and offer friendly advice on proactive measures to protect your organization.

Europol Makes New Ransomware Arrests. But Will It Make Any Difference?

Ransomware.org

2 years 3 months ago

In the relatively short history of ransomware crime, very few of the professional criminals behind these attacks have ever been brought to justice. So many crimes, so few arrests, and there’s no mystery as to why: Ransomware criminals typically operate from countries with weak or no laws against what they do, and sometimes (stand up, […]

The post Europol Makes New Ransomware Arrests. But Will It Make Any Difference? appeared first on Ransomware.org.

John E. Dunn