Security Boulevard

Healthcare Networks, Financial Regulators, and Industrial Systems on the Same Target List

More than 25 million individuals are now tied to the Conduent Business Services breach as investigations continue to expand its scope. In Canada, approximately 750,000 investors were affected in the ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...
Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...
MIT Technology Review

The Download: AI-enhanced cybercrime, and secure AI assistants

Viral AI agent project OpenClaw, which has made headlines across the world in recent weeks, harnesses existing LLMs to let ...
Microsoft

Analysis of active exploitation of SolarWinds Web Help Desk

We are seeing exploitation of SolarWinds Web Help Desk via CVE‑2025‑40551 and CVE‑2025‑40536 that can lead to domain compromise; here is how to patch, hunt, and mitigate now.

New tool blocks imposter attacks disguised as safe commands

A new open-source and cross-platform tool called Tirith can detect homoglyph attacks over command-line environments by ...
WinBuzzer

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft has patched the Windows Notepad remote code execution vulnerability CVE-2026-20841, warning users to install ...