This week, a CISA warning, Nest footage in Nancy Guthrie case, Signal phishing. Spanish hacker, Russian asylum. Spanish ...

State hackers from four nations exploited Google's Gemini AI for cyberattacks, automating tasks from phishing to malware development..

From prompt injection to deepfake fraud, security researchers say several flaws have no known fix. Here's what to know about them.

In the threat-intel group's most recent AI Threat Tracker report, released on Thursday and shared with The Register in advance, Google attributes this activity to APT31, a Beijing-backed crew also ...

Ivanti has patched a dozen vulnerabilities in Endpoint Manager, including a new high-severity bug leading to credential exposure.

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities.

BeyondTrust warned customers to patch a critical security flaw in its Remote Support (RS) and Privileged Remote Access (PRA) software that could allow unauthenticated attackers to execute arbitrary ...

QSM lets users create quizzes, surveys, and forms without coding, with more than 40,000 websites actively using it - but recently, it was discovered versions 10.3.1 and older were vulnerable to an SQL ...

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.