June 6, 2023

[Information Security Daily]On February 23, 2023, researchers found the blind spot that WAF can be bypassed, and hackers spread malware under the guise of providing ChatGPT application

A researcher inadvertently discovered a newline character (CRLF) injection vulnerability in the Akamai Web Application Firewall (WAF) during a demonstration for a client, which could break through the firewall rules and launch cross-site scripting (XSS) on the website attack. It is worth noting that the researchers believe that most of the WAFs of other brands also have similar vulnerabilities. ChatGPT, a machine learning language model, is gaining popularity, and hackers are also interested in this situation, using it to spread a variety of malware to computer and mobile phone users, and even want to steal credit card information. Last month, Microsoft patched the Windows backup service vulnerability CVE-2023-21752, and now it is reported that hackers are analyzing the proof-of-concept code and intend to use the vulnerability for attack operations.

Ewen Eagle

I am the founder of Urbantechstory, a Technology based blog. where you find all kinds of trending technology, gaming news, and much more.

View all posts by Ewen Eagle →

Leave a Reply

Your email address will not be published.