CISA warns of a new SmarterTools SmarterMail vulnerability exploited by ransomware groups for unauthenticated RCE.

QSM lets users create quizzes, surveys, and forms without coding, with more than 40,000 websites actively using it - but recently, it was discovered versions 10.3.1 and older were vulnerable to an SQL ...

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

Two vulnerabilities can be exploited to fully compromise instances of the Google Looker business intelligence platform.

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...

January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...

The best defense against prompt injection and other AI attacks is to do some basic engineering, test more, and not rely on AI to protect you. If you want to know what is actually happening in ...

About The Study: In this quality improvement study using a controlled simulation, commercial large language models (LLM’s) demonstrated substantial vulnerability to prompt-injection attacks (i.e., ...

Also of importance are a Kerberos vulnerability in Active Directory, a Visual Studio Copilot extension, and a Microsoft Graphics Component issue. A zero day elevation of privilege Windows kernel flaw ...