Morning Overview on MSN

LiteLLM just fell to a full-chain Pwn2Own exploit combining SSRF and code injection — researchers took full system control

A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise ...
Bleeping Computer

Windows CLI Apps Vulnerable to New Ctrl-Inject Process Injection Attack

Rotem Kerner, a security researcher with enSilo, has discovered a new process injection technique that can be abused by malicious actors to hide malware inside Windows-based CLI applications. The ...
Dark Reading

LockPoS Malware Sneaks onto Kernel via new Injection Technique

A sneaky new injection technique delivers LockPoS malware straight into the kernel, researchers report. This "silent" method bypasses traditional antivirus software. LockPoS is a type of point-of-sale ...