Aggregator
Hacking Gemini's Memory with Prompt Injection and Delayed Tool Invocation
Imagine your AI rewriting your personal history…
A while ago Google added memories to Gemini. Memories allow Gemini to store user-related data across sessions, storing information in long-term memory. The feature is only available to users who subscribe to Gemini Advanced so far. So, in the fall of last year I chimed in and paid for the subscription for a month to check it out.
As a user you can see what Gemini stored about you at https://gemini.google.com/saved-info.
10 - CVE-2025-23419
6 - CVE-2023-34960
黑客将LL劫持货币化,每月以30美元的价格出售被盗的AI访问权限
CVE-2024-2647 | Netentsec NS-ASG Application Security Gateway 6.3 /admin/singlelogin.php loginId sql injection
CVE-2024-4920 | SourceCodester Online Discussion Forum Site 1.0 registerH.php ima unrestricted upload
CVE-2024-4921 | SourceCodester Employee and Visitor Gate Pass Logging System 1.0 Users.php?f=ssave img unrestricted upload
CVE-2024-4925 | SourceCodester School Intramurals Student Attendance Management System manage_course.php sql injection
CVE-2024-4926 | SourceCodester School Intramurals Student Attendance Management System manage_student.php sql injection
CVE-2024-4945 | SourceCodester Best Courier Management System 1.0 view_parcel.php id unrestricted upload
CVE-2024-4946 | SourceCodester Online Art Gallery Management System 1.0 admin/adminHome.php sliderpic unrestricted upload
CVE-2024-4966 | SourceCodester SchoolWebTech 1.0 /improve/home.php image unrestricted upload
CVE-2024-4967 | SourceCodester Interactive Map with Marker 1.0 delete-mark.php mark sql injection
CVE-2024-5045 | SourceCodester Online Birth Certificate Management System 1.0 /admin file access
CVE-2024-5046 | SourceCodester Online Examination System 1.0 registeracc.php email sql injection
Ransomware Payments Plunge 35% as More Victims Refuse to Pay
In a significant shift within the ransomware landscape, global ransom payments plummeted by 35% in 2024, falling from $1.25 billion in 2023 to $813.55 million, according to a report by blockchain analytics firm Chainalysis. This marked the first substantial decline in ransomware payments since 2022, despite a record number of ransomware attacks during the year. […]
The post Ransomware Payments Plunge 35% as More Victims Refuse to Pay appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Veridas helps companies combat AI-driven injection attacks
Generative AI is fueling a new wave of identity fraud, making digital security more critical than ever. In response, Veridas has introduced an advanced injection attack detection capability to combat the growing threat of synthetic identities. This new feature strengthens fraud prevention by combining injection detection with liveness verification across face, voice, and document authentication. According to the Veridas Identity Fraud Report 2024, 85% of financial fraud cases now involve synthetic identities. The UK government … More →
The post Veridas helps companies combat AI-driven injection attacks appeared first on Help Net Security.
Microsoft SharePoint Connector Vulnerability Let Attackers Steal User’s Credentials
A critical server-side request forgery (SSRF) vulnerability in Microsoft Power Platform’s SharePoint connector allowed attackers to harvest user credentials and impersonate victims across multiple services, including Power Apps, Power Automate, Copilot Studio, and Copilot 365. The patched flaw posed severe risks to organizations relying on SharePoint for data management and collaboration. The vulnerability, if exploited, […]
The post Microsoft SharePoint Connector Vulnerability Let Attackers Steal User’s Credentials appeared first on Cyber Security News.