Geek-Guy.com

Tag: injection

AI, Exploits, Global Security News, Government & Policy, Risk Management

CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack

Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or…

Read more →

AI, Apps, Exploits, Global Security News, Risk Management

New image-based prompt injection attack targets multimodal AI models

Security researchers have developed a new image-based prompt injection attack that can manipulate how multimodal AI systems interpret user instructions without modifying the original text prompt, potentially expanding security risks for AI agents and vision-language systems. In a research paper published this week, researchers from Xidian University described a technique called “CrossMPI,” which uses nearly…

Read more →

AI, Cybersecurity, Global Security News, Government & Policy, Risk Management

Security agencies draw red lines around agentic AI deployments

With prompt injection and other attack pathways consistently surfacing across agentic AI deployments, security watchdogs have stepped in, collectively, to draw some hard boundaries. A joint advisory from the US Cybersecurity and Infrastructure Security Agency (CISA) and international partners has called for tighter control over permissions, stronger monitoring, and a more deliberate rollout strategy, urging…

Read more →

AI, Exploits, Global Security News, malware, Network Security, Risk Management

Mirai Botnet exploits CVE-2025-29635 to target legacy D-Link routers

Mirai botnet is targeting old D-Link routers using CVE-2025-29635, a command injection flaw exploitable via crafted POST requests after public PoC disclosure. A Mirai botnet is actively exploiting a command injection vulnerability, tracked as CVE-2025-29635, in discontinued D-Link routers, Akamai reports. The flaw allows attackers to inject commands because an attacker-controlled value is copied without…

Read more →

AI, Exploits, Global Security News, Network Security

Prompt injection turned Google’s Antigravity file search into RCE

Security researchers have revealed a prompt injection flaw in Google’s Antigravity IDE that could be weaponized to bypass its sandbox protections and achieve remote code execution (RCE). The issue came from Antigravity’s ability to allow AI agents to invoke native functions, like searching files, on behalf of the user. Designed to kill complexity, the feature…

Read more →

AI, Apps, Exploits, Global Security News, Network Security, Risk Management

Zero‑click Grafana AI attack can enable enterprise data exfiltration

Indirect prompt injection is possible on AI-powered dashboards, allowing exfiltration of sensitive enterprise data without user authentication. Security researchers are warning about a critical Grafana issue, dubbed GrafanaGhost, that allows attackers to leak sensitive data from Grafana environments, including financial metrics, infrastructure health data, private customer data, and operational logs, among others. Noma Security disclosed…

Read more →

AI, Apps, Exploits, Global Security News

Google Workspace’s continuous approach to mitigating indirect prompt injections

Posted by Adam Gavish, Google GenAI Security Team Indirect prompt injection (IPI) is an evolving threat vector targeting users of complex AI applications with multiple data sources, such as Workspace with Gemini. This technique enables the attacker to influence the behavior of an LLM by injecting malicious instructions into the data or tools used by…

Read more →

Endpoint, Exploits, Global Security News

Critical Fortinet FortiClient EMS bug under active attack (CVE-2026-21643)

A critical SQL injection vulnerability (CVE-2026-21643) in Fortinet FortiClient Endpoint Management Server (EMS), a management server for FortiClient endpoint agents on various platforms, is under active exploitation. The warning comes from Defused Cyber, which helps organizations deploy honeypots/fake assets, and uses them as well to capture real attack attempts and exploits and provide early warning…

Read more →

AI, Apps, Global Security News

Arcjet enables inline defense against prompt injection in production AI systems

Arcjet has released AI Prompt Injection Protection, a new capability designed to stop prompt injection attacks before they reach production AI models. The feature detects hostile prompts at the application boundary and gives developers a decision point inside the request lifecycle where malicious instructions can be blocked before inference occurs. Companies are shipping AI features…

Read more →

AI, Apps, Cybersecurity, Data Breaches, Endpoint, Exploits, Global Security News, malware, Network Security, Risk Management

AI Risks, Critical Vulnerabilities, and Data Breaches Define This Week in Cybersecurity

Major Threats & Vulnerabilities Critical Software and Platform Flaws A SQL injection flaw in Elementor’s Ally accessibility plugin exposed over 400,000 WordPress sites to potential data theft. The vulnerability stemmed from improper input sanitization, allowing attackers to extract sensitive database information. Administrators should update immediately to the patched version. Microsoft’s March Patch Tuesday addressed a…

Read more →

AI, Exploits, Global Security News, Risk Management

Critical SQL Injection bug in Ally plugin threatens 400,000+ WordPress sites

An unauthenticated SQL injection flaw (CVE-2026-2413) in the Ally WordPress plugin, used on 400K+ sites, could allow attackers to steal sensitive data. An unauthenticated SQL injection flaw, tracked as CVE-2026-2413 (CVSS score 7.5), in Ally plugin could allow attackers to steal sensitive data. The offensive security engineer Drew Webber at Acquia discovered the vulnerability on…

Read more →

Exploits, Global Security News

CISA flags exploited FileZen command injection bug, patch now! (CVE-2026-25108)

CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems’ FileZen secure file transfer solution, to its Known Exploited Vulnerabilities (KEV) catalog. The vendor has confirmed active exploitation, stating it has received multiple reports of damage caused by attackers abusing the flaw. Because public disclosures from the Japanese CERT Coordination Center (JPCERT/CC) and…

Read more →