More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...

CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
Windows Report

Critical Microsoft SCCM Vulnerability Under Active Attack, Warns CISA

CISA confirms active exploitation of CVE-2024-43468 in Microsoft Configuration Manager and urges immediate patching.
Stacker on MSN

The problem with OpenClaw, the new AI personal assistant

Oso reports on OpenClaw, an AI assistant that automates tasks but raises security concerns due to its access to sensitive data and external influences.
Windows Report

State-Backed Hackers Weaponize Google Gemini AI for Cyberattacks

Google’s Gemini AI is being used by state-backed hackers for phishing, malware development, and large-scale model extraction attempts.
Security Info Watch

Tenable Research Exposes “LookOut” Vulnerabilities in Google Looker, Raising Stakes for Self-Hosted Users

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...
SecurityWeek

CISA Warns of Exploited SolarWinds, Notepad++, Microsoft Vulnerabilities

CISA has expanded its KEV catalog with new SolarWinds, Notepad++, and Apple flaws, including two exploited as zero-days.
SecurityWeek

SAP Patches Critical CRM, S/4HANA, NetWeaver Vulnerabilities

SAP has released 26 new security notes, including two that address critical vulnerabilities in CRM, S/4HANA, and NetWeaver.
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.