Security Boulevard

ACFW firewall test prologue – still failing at the basics

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...
CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...

Glances 4.5.0: System monitoring with NPU and ZFS support

Open-source monitoring tool Glances supports Neural Processing Units and ZFS for the first time in version 4.5.0. Security vulnerabilities have also been fixed.
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

F5: Security Incident Impact And Outlook

Read here for F5 (FFIV) stock's AI and hybrid multi-cloud growth outlook, NVIDIA partnership, breach impact, and cloud-native ...
Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...