sensitive data

Winsage
July 10, 2025
A researcher successfully exploited vulnerabilities in ChatGPT by framing inquiries as a guessing game, leading to the disclosure of sensitive information, including Windows product keys from major corporations like Wells Fargo. The researcher used ChatGPT 4.0 and tricked the AI into bypassing safety protocols designed to protect confidential data. The technique involved embedding sensitive terms within HTML tags and adhering to game rules that prompted the AI to respond with 'yes' or 'no.' Marco Figueroa, a Technical Product Manager, noted that this jailbreaking method could be adapted to circumvent other content filters. He emphasized the need for improved contextual awareness and multi-layered validation systems in AI frameworks to address such vulnerabilities.
Winsage
July 10, 2025
Researchers have successfully bypassed ChatGPT's guardrails, allowing the AI to disclose valid Windows product keys by disguising requests as a guessing game. The technique involved using HTML tags to hide sensitive terms from filters while still enabling AI comprehension. They extracted real Windows Home/Pro/Enterprise keys by establishing game rules and using the phrase "I give up" to trigger disclosure. This vulnerability highlights flaws in keyword-based filtering and suggests that similar techniques could expose other restricted content. The attack exploits weaknesses in AI's contextual interpretation and emphasizes the need for improved content moderation strategies, including enhanced contextual awareness and detection of deceptive framing patterns.
Winsage
July 9, 2025
Microsoft addressed a total of 130 vulnerabilities in its latest Patch Tuesday initiative. A significant vulnerability in SQL Server, identified as CVE-2025-49719, has a CVSS score of 7.5 and is due to improper input validation, potentially allowing unauthorized access to sensitive data. It affects SQL Server versions from 2016 to 2022. Another critical vulnerability, CVE-2025-47981, has a CVSS score of 9.8 and allows unauthenticated remote code execution without user interaction. This vulnerability poses a high risk due to its low attack complexity and potential for lateral movement within networks. Additionally, the update includes 16 vulnerabilities affecting Microsoft Office, with four categorized as more likely to be exploited.
AppWizard
July 8, 2025
A newly identified Android malware family, Qwizzserial, has emerged as a significant threat in Uzbekistan, disguising itself as legitimate financial and government applications. It spreads primarily through Telegram, using deceptive channels to impersonate authorities and financial institutions, luring victims with offers of financial assistance. Upon installation, Qwizzserial requests permissions related to SMS and phone state, prompting users to input sensitive information such as phone numbers and bank card details, which it exfiltrates via the Telegram Bot API or HTTP POST requests. The malware intercepts incoming SMS messages, including one-time passwords (OTPs) for two-factor authentication, and can extract financial information from messages. Analysts from Group-IB have tracked around 100,000 infections linked to Qwizzserial, with confirmed financial losses exceeding ,000,000 within three months. The malware's infection pattern follows a Pareto distribution, with a small subset of samples causing the majority of infections, particularly those impersonating financial institutions. Security solutions have developed detection rules for Qwizzserial, and organizations are encouraged to implement user education and monitoring to mitigate risks. End-users are advised against installing applications from untrusted sources and to scrutinize app permissions. Indicators of Compromise (IOC) include specific C2 domains and file hashes for both example and latest samples of Qwizzserial.
AppWizard
July 3, 2025
Android malware has surged by 151% since the beginning of the year, with a notable 147% increase in spyware in 2025. Spyware activity peaked in February and March, reaching nearly four times the baseline. Smishing attacks via SMS increased by 692% between April and May. Banking trojans and spyware are increasingly hidden in seemingly legitimate applications, such as fake loan services. Over 30% of Android devices run outdated software lacking security patches, exposing users to vulnerabilities. Cybercriminals are developing interconnected operations that target sensitive user data. Google Play Protect is not fully effective, and users are advised to download apps only from official sources, review app permissions, deny unnecessary notification access, keep software updated, and use trusted mobile security apps.
Search