The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Attackers finally get around to exploiting critical Microsoft bug from 2024

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
eWeek

OpenAI Introduces New Safeguards in ChatGPT to Prevent AI Prompt Injection

OpenAI launches Lockdown Mode and Elevated Risk warnings to protect ChatGPT against prompt-injection attacks and reduce data-exfiltration risks.
Security Info Watch

Why Web Forms Are Becoming Financial Services’ Most Expensive Blind Spot

Why an overlooked data entry point is creating outsized cyber risk and compliance exposure for financial institutions.
Analytics Insight

What Is Trafficmind and How Does It Stop Bot Attacks

Bot attacks are one of the most common threats you can expect to deal with as you build your site or service. One exposed ...

Texas sues TP-Link over suspected China links, security vulnerabilities

"Let this server as a clear warning to any Chinese entity seeking to compromise our nation's security," Texas Attorney ...
Stacker on MSN

The problem with OpenClaw, the new AI personal assistant

Oso reports on OpenClaw, an AI assistant that automates tasks but raises security concerns due to its access to sensitive data and external influences.