The threat activity echoes prior exploitation during the Israeli war with Hamas, a precursor to attacks against critical ...

CISA has released an advisory to warn about four vulnerabilities discovered by a researcher in Gardyn Home and Gardyn Studio.

CISA adds VMware Aria Operations command injection flaw CVE-2026-22719 to KEV after reports of active exploitation; patches ...

QNAP Systems published security advisories for two critical command injection vulnerabilities that impact multiple versions of the QTS operating system and applications on its network-attached storage ...

Two other flaws were patched by the virtualization vendor, impacting Cloud Foundation, Telco Cloud Platform, and Telco Cloud ...

A deft chaining together of three separate zero-day flaws in Ivanti's Cloud Service Appliance allowed a particularly potent cyberattacker to infiltrate a target network and execute malicious actions, ...

Google Threat Intelligence Group (GTIG) tracked 90 zero-day vulnerabilities actively exploited throughout 2025, almost half ...

Zyxel fixes a handful of worrying router flaws ...

The U.K. Information Commissioner's Office has issued a warning to businesses to eliminate SQL injection vulnerabilities from their websites, after fining a hotel booking site for failing to properly ...

Tenable says it found seven prompt injection flaws in ChatGPT-4o, dubbed the “HackedGPT” attack chain Vulnerabilities include hidden commands, memory persistence, and safety bypasses via trusted ...

Two significant security vulnerabilities have been identified in the Fancy Product Designer premium plugin, which allows the customization of WooCommerce products. The issues remain unpatched in the ...

Prompt injection, a type of exploit targeting AI systems based on large language models (LLMs), allows attackers to manipulate the AI into performing unintended actions. Zhou’s successful manipulation ...