Hosted on MSN

Hackers can use prompt injection attacks to hijack your AI chats — here's how to avoid this serious security flaw

While more and more people are using AI for a variety of purposes, threat actors have already found security flaws that can turn your helpful assistant into their partner in crime without you even ...
ZDNet

SaltStack revises partial patch for command injection, privilege escalation vulnerability

The Salt Project has issued a secondary fix for a command injection vulnerability after the first attempt to patch the issue partially failed. The vulnerability, tracked as CVE-2020-28243, impacts ...
Dark Reading

92K D-Link NAS Devices Open to Critical Command-Injection Bug

A critical flaw in several end-of-life (EOL) models of D-Link network-attached storage (NAS) devices can allow attackers to backdoor the device and gain access to sensitive information, among other ...
Bleeping Computer

Heavily used Node.js package has a code injection vulnerability

A heavily downloaded Node.js library has a high severity command injection vulnerability revealed this month. Tracked as CVE-2021-21315, the bug impacts the "systeminformation" npm component which ...