SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
SecurityWeek

900 Sangoma FreePBX Instances Infected With Web Shells

Hackers exploited CVE-2025-64328, a FreePBX command injection vulnerability, to infect hundreds of instances with web shells.
Dark Reading

Data Tool to Triage Exploited Vulnerabilities Can Make KEV More Useful

All software vulnerabilities are not the same. Unfortunately, the cybersecurity priorities of most organizations do not match the list, says Tod Beardsley, former section chief for the CISA KEV group ...