CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager vulnerability patched in October 2024 and now exploited in attacks.

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

As if admins haven't had enough to do this week Ignore patches at your own risk. According to Uncle Sam, a SQL injection flaw in Microsoft Configuration Manager patched in October 2024 is now being ...

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries.

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in which private-sector firms and researchers use legitimate API access to ...

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.

It only takes 250 bad files to wreck an AI model, and now anyone can do it. To stay safe, you need to treat your data pipeline like a high-security zone.

Over 260,000 users installed fake AI Chrome extensions that used iframe injection to steal browser and Gmail data, exposing ...

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.

AI has steadily woven itself into every corner of security, its influence is only beginning to take shape. Identity is expanding beyond people, compliance is becoming part of everyday defense, and the ...