Hackers exploit critical auth bypass in Gitea Docker image
Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to imperson...
20 articles
Hackers are actively exploiting a critical vulnerability in the official Docker image for the Gitea self-hosted Git service that allows attackers to imperson...
Security company CrowdStrike has identified five new prompt injection techniques that could leave enterprises at risk. Prompt injections attacks exploit the ...
Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, ...
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could backfire
The Zimbra security team urged customers to patch a critical vulnerability affecting the Classic Web Client used to access the Zimbra Collaboration suite. [.
Security firm Coinspect has disclosed a crypto wallet flaw it calls Ill Bloom, and attackers are already using it. The flaw is in how some wallet software ge...
Researchers demonstrate adversarial hallucination squatting against popular AI assistants to achieve remote code execution. The post ‘HalluSquatting’ Turns A...
Microsoft is recommending that organizations shorten Windows update deployment timelines, warning that advances in AI are reducing the time attackers need to...
OpenAI has introduced the GPT-5.6 family, comprising Sol, Terra, and Luna, positioning it as a multi-agent platform tailored for advanced cybersecurity workf...
Microsoft is expanding its AI-driven vulnerability discovery across Windows, introducing a multi-model “agentic” scanning system designed to identify securit...
Roundcube has released version 1.7.
A security hole within AI dev tools has allowed attackers to escape sandboxes by misleading the humans in the loop who were supposed to knowingly approve the...
The vulnerability stems from an insecure default configuration in Gitea's official Docker images (versions prior to 1.26.
Key Takeaways CISA BOD 26–04 mandates remediation of the publicly exposed, highest-risk, known-exploited vulnerabilities within 3 days. The directive applies...
Last week, there were disclosed in and that have been added to the Wordfence Intelligence Vulnerability Database, and there were that contributed to WordPres...
Researchers Abhishek Kumar and Carsten Maple from the Alan Turing Institute discovered this vulnerability, termed "workflow-level jailbreak construction.
Buffer overflow, DoS, command injection, SSRF, authentication bypass, and other types of vulnerabilities have been found in PAN-OS software. The post Palo Al...
View CSAF Summary Schneider Electric is aware of a vulnerability in its Easergy MiCOM Px40 Series products. The [Easergy MiCOM Px40](https://www.
A large-scale exploitation campaign is actively weaponising known vulnerabilities across multiple content management systems, with WordPress plugins forming ...