WeLiveSecurity

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python code through prompt injection, which can lead to remote code execution (RCE)

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
TechRepublic

arbitrary code execution

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites. Explore Get the web's best business technology news, ...