Aggregator

ChatGPT Vulnerability Let Attackers Silently Exfiltrate User Prompts and Other Sensitive Data

Cyber Security News
3 weeks 5 days ago

Users routinely trust AI assistants with highly sensitive information, including medical records, financial documents, and proprietary business code. Check Point Research recently disclosed a critical vulnerability in ChatGPT’s architecture that allowed attackers to extract this exact type of user data silently. By abusing a covert outbound channel in ChatGPT’s isolated code execution environment, attackers could […]

The post ChatGPT Vulnerability Let Attackers Silently Exfiltrate User Prompts and Other Sensitive Data appeared first on Cyber Security News.

Abinaya

CareCloud Data Breach – Hackers Accessed IT Infrastructure and Stole Patient Data

Cyber Security News
3 weeks 5 days ago

A prominent healthcare technology provider has formally disclosed a significant cybersecurity incident involving unauthorized access to its IT infrastructure. An unauthorized actor compromised one of the company’s electronic health record (EHR) systems, raising concerns over possible exposure of sensitive patient data. The security breach initially unfolded on March 16, 2026. The intrusion caused a temporary […]

The post CareCloud Data Breach – Hackers Accessed IT Infrastructure and Stole Patient Data appeared first on Cyber Security News.

Abinaya

CVE-2026-5215 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/network_mgr.cgi cgi_get_ipv6 access control

VulDB Recent Entries
3 weeks 5 days ago
A vulnerability labeled as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The impacted element is the function cgi_get_ipv6 of the file /cgi-bin/network_mgr.cgi. Such manipulation leads to improper access controls. This vulnerability is referenced as CVE-2026-5215. The attack needs to be initiated within the local network. Furthermore, an exploit is available.
vuldb.com

CVE-2026-5213 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/account_mgr.cgi cgi_adduser_to_session read_list stack-based overflow

VulDB Recent Entries
3 weeks 5 days ago
A vulnerability identified as critical has been detected in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. The affected element is the function cgi_adduser_to_session of the file /cgi-bin/account_mgr.cgi. This manipulation of the argument read_list causes stack-based buffer overflow. The identification of this vulnerability is CVE-2026-5213. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.
vuldb.com

CVE-2026-5214 | D-Link DNS-1550-04 up to 20260205 /cgi-bin/account_mgr.cgi cgi_addgroup_get_group_quota_minsize Name stack-based overflow

VulDB Recent Entries
3 weeks 5 days ago
A vulnerability categorized as critical has been discovered in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW, DNS-321, DNR-322L, DNS-323, DNS-325, DNS-326, DNS-327L, DNR-326, DNS-340L, DNS-343, DNS-345, DNS-726-4, DNS-1100-4, DNS-1200-05 and DNS-1550-04 up to 20260205. Impacted is the function cgi_addgroup_get_group_quota_minsize of the file /cgi-bin/account_mgr.cgi. The manipulation of the argument Name results in stack-based buffer overflow. This vulnerability was named CVE-2026-5214. The attack may be performed from remote. In addition, an exploit is available.
vuldb.com

Managed ad