Fortinet’s FortiClient endpoint management software, meant to harden corporate and government machines, instead exposed them ...

Two vulnerabilities in the Avada Builder plugin for WordPress, with an estimated one million active installations, allow hackers to read arbitrary files and extract sensitive information from the ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

A 22-year-old ethical hacker, Tirth Parmar, found critical vulnerabilities in CBSE's OSM portal, exposing data of 9.3 million students. He claims a skipped security audit left the portal open to hacks ...

Wordfence disclosed two flaws in Avada Builder, a WordPress plugin with around 1 million active installs CVE‑2026‑4782 (Arbitrary File Read, medium severity) requires subscriber‑level access; CVE‑2026 ...

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

Weekly ThreatsDay recap: old bugs, fake tools, shady payload tricks, AI mishaps, and the usual reminder that the internet is ...

Piling on guardrails is the sign of a system permanently compensating for its own unreliability. There’s a better approach.

Referenzen: https://www.cve.org/CVERecord?id=CVE-2026-48849 https://www.cve.org/CVERecord?id=CVE-2026-48845 https://www.cve.org/CVERecord?id=CVE-2026-48847 https ...

A newly discovered zero-day vulnerability in Microsoft Exchange Server has experts declaring an emergency and urging CSOs to think about the need to abandon on-premises email solutions. “Because it’s ...

A website called “UK visa portal” has been quietly collecting passport scans, selfies, and personal data from thousands of travellers who thought they were applying through official channels.