ChatGPT allows access to underlying sandbox OS, “playbook” data

November 14, 2024 at 11:16AM Researcher Marco Figueroa identified vulnerabilities in OpenAI’s ChatGPT sandbox, allowing file uploads, Python script execution, and access to sensitive configurations. While interactions remain confined to the sandbox, these flaws could lead to reverse-engineering of security measures. OpenAI was notified but only expressed interest in one specific issue. ### Meeting Takeaways: … Read more

Beware: Malicious Google Ads Trick WinSCP Users into Installing Malware

November 17, 2023 at 08:48AM Threat actors are using manipulated search results and bogus Google ads to trick users into downloading malware instead of legitimate software, such as WinSCP. The attack involves redirecting users to a compromised WordPress website, then an attacker-controlled phishing site, and finally to a fake WinSCP website where they unknowingly download … Read more