CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...
Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...
The Register on MSN

AI agents spill secrets just by previewing malicious links

Zero-click prompt injection can leak data when AI agents meet messaging apps, researchers warn AI agents can shop for you, ...

Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...
Capitol Hill Seattle

911 | Monday school lockdowns, Super Bowl 911, and six busted in Capitol Hill Safeway ‘retail theft operation’

See something others should know about? Email CHS or call/txt (206) 399-5959. You can view recent CHS 911 coverage here. Hear sirens and wondering what’s going on? Check out reports ...

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
The Hacker News

Critical n8n Flaw CVE-2026-25049 Enables System Command Execution via Malicious Workflows

Critical n8n v CVE-2026-25049 allows authenticated workflow abuse to execute system commands and expose server data.

NGINX servers hijacked in global campaign to redirect traffic

Redirected traffic can be abused in multiple ways, experts warn ...