From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Top open source AI platform Flowise hit by maximum-level security issue

A 10/10 Flowise bug was patched, but is now being abused in the wild.
The Next Web

Someone bought 30 WordPress plugins and planted backdoors in all of them

An attacker purchased 30+ WordPress plugins on Flippa, planted backdoors that lay dormant for eight months, then activated ...
IFA Magazine

Financial services risk being overwhelmed by agentic AI wave with one in three firms lacking agent oversight

TrendAI™, the global leader in AI cybersecurity, today released new data from a global study* revealing a growing governance ...

How AI is changing the rules of cybersecurity

AI systems rely on massive datasets, complex models and decision-making that evolves. The attack surface isn’t just bigger, ...
DataBreachToday

Breach Roundup: Mr. Raccoon Wants Your Password

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...

Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds

How mature is your AI agent security? VentureBeat's survey of 108 enterprises maps the gap between monitoring and isolation — ...
TechRound

Experts Comment: Has The AI Race Made The World Less Safe?

Claude exploited for extortion, Grok in national security. We asked eight AI safety and cybersecurity experts: has the AI ...
Arabian Post

Formbook phishing turns stealth into scale

Two separate phishing campaigns are hitting organisations with Formbook, a long-running information stealer that continues to adapt its delivery methods to slip past traditional Windows defences. The ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...