Texas sues TP-Link over suspected China links, security vulnerabilities

"Let this server as a clear warning to any Chinese entity seeking to compromise our nation's security," Texas Attorney General Paxton writes.
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Attackers finally get around to exploiting critical Microsoft bug from 2024

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...
CSO Online

The new paradigm for raising up secure software engineers

The new challenge for CISOs in the age of AI developers is securing code. But what does developer security awareness even ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
Security Info Watch

Why Web Forms Are Becoming Financial Services’ Most Expensive Blind Spot

Why an overlooked data entry point is creating outsized cyber risk and compliance exposure for financial institutions.
eWeek

OpenAI Introduces New Safeguards in ChatGPT to Prevent AI Prompt Injection

OpenAI launches Lockdown Mode and Elevated Risk warnings to protect ChatGPT against prompt-injection attacks and reduce data-exfiltration risks.

More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...