Threat Post

WhatsApp Bug Allows Malicious Code-Injection, One-Click RCE

A high-severity vulnerability could allow cybercriminals to push malware or remotely execute code, using seemingly innocuous messages. Security researchers have identified a JavaScript vulnerability ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...

ProFTPD: Code injection via mod_sql possible

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...