Tenable Research Archives

Seven Critical Vulnerabilities Open ChatGPT to Data Theft and Hijacking

CIOAXIS BureauNovember 7, 20250273 views

Tenable research reveals hidden AI flaws that allow data exfiltration, safety override, and persistent compromise within ChatGPT Tenable discovered seven vulnerabilities and attack techniques during testing of OpenAI’s ChatGPT-4o, several…

Tenable Research Uncovers Remote Code Execution Vulnerability in Oracle Code Editor and its Integrated Services

CIOAXIS BureauJuly 18, 20250698 views

Tenable has identified a Remote Code Execution (RCE) vulnerability in Oracle Cloud Infrastructure (OCI) Code Editor, a service designed for developers working within Oracle’s Cloud Shell ecosystem. This vulnerability could have…

Tenable Research Warns of Critical AI Tool Vulnerability That Requires Immediate Attention [CVE-2025-49596]

CIOAXIS BureauJuly 10, 20250851 views

Tenable Research has identified a critical remote code execution vulnerability (CVE-2025-49596) in Anthropic’s widely adopted MCP Inspector, an open-source tool crucial for AI development. With a CVSS score of 9.4,…

Tenable Research Shows How “Prompt-Injection-Style” Hacks Can Secure the Model Context Protocol (MCP)

CIOAXIS BureauMay 6, 20250464 views

Tenable Research has published new findings that flip the script on one of the most discussed AI attack vectors. In the blog “MCP Prompt Injection: Not Just for Evil,” Tenable’s…

Tenable research uncovers a privilege escalation vulnerability In Google Cloud Run

CIOAXIS BureauApril 2, 20250356 views

Tenable has identified a privilege escalation vulnerability in Google Cloud Run called ImageRunner. The vulnerability could have allowed attackers to bypass permissions, gain unauthorised access to container images and potentially…

Tenable Research finds that DeepSeek R1 can be tricked into developing malware

CIOAXIS BureauMarch 18, 20250417 views

When new technologies such as generative artificial intelligence (GenAI) emerge, cybercriminals inevitably look for ways to exploit its capabilities for malicious purposes. While most mainstream GenAI models have built-in safeguards…

Tenable Research Discovers SMB Force-Authentication Vulnerability in Widely Used Open-Source Software

CIOAXIS BureauOctober 23, 20240438 views

Tenable has disclosed that its Tenable Cloud Security Research team has discovered a medium-severity Server Message Block (SMB) force-authentication vulnerability that exists in all versions of Open Policy Agent (OPA)…

Tenable Research Discovers Critical RCE Vulnerability in Google Cloud Platform, Potentially Compromising Millions of Servers

CIOAXIS BureauSeptember 17, 20240457 views

Tenable has disclosed that its Tenable Research team has discovered a critical remote code execution (RCE) vulnerability, dubbed CloudImposer, that could have allowed malicious attackers to execute code on potentially…

Tenable Research Discovers Critical Vulnerability in Microsoft Copilot Studio

CIOAXIS BureauAugust 21, 20240948 views

Tenable has disclosed that its Tenable Research Team has discovered a critical information disclosure vulnerability in Microsoft’s Copilot Studio via a server-side request forgery (SSRF), which allowed researchers access to…

Tenable Research Discovers ‘ConfusedFunction’ Vulnerability in Google Cloud Platform

CIOAXIS BureauJuly 25, 20240639 views

Today, Tenable has disclosed that its Tenable Cloud Research Team has discovered a vulnerability in Google Cloud Platform (GCP), involving its Cloud Function serverless compute service and its Cloud Build…