More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
Infosecurity Magazine

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

Claude Code vs ChatGPT Codex: Which AI coding agent is actually better?

I tested Claude Code vs. ChatGPT Codex in a real-world bug hunt and creative CLI build — here’s which AI coding agent thinks ...
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
The Hacker News

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Patch Tuesday delivers fixes for 59 Microsoft flaws, six exploited zero-days, plus critical SAP and Intel TDX vulnerabilities ...
SecurityWeek

Fortinet Patches High-Severity Vulnerabilities

Fortinet has fixed nine vulnerabilities, including high-severity command execution and authentication bypass flaws.
Windows Report

State-Backed Hackers Weaponize Google Gemini AI for Cyberattacks

Google’s Gemini AI is being used by state-backed hackers for phishing, malware development, and large-scale model extraction attempts.

The Cost of AI Slop in Lines of Code

In the quest to get as much training data as possible, there was little effort available to vet the data to ensure that it was good.