The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively ...

ZAST.AI Raises $6M Pre-A to Scale "Zero False Positive" AI-Powered Code Security

ZAST.AI announced the completion of a $6 million Pre-A funding round led by Hillhouse Capital, bringing the company's total funding to nearly $10 million. This investment marks a significant ...
SecurityWeek

SAP Patches Critical CRM, S/4HANA, NetWeaver Vulnerabilities

SAP has released 26 new security notes, including two that address critical vulnerabilities in CRM, S/4HANA, and NetWeaver.
TechJuice

PTA Launches Major Cybersecurity Audit to Strengthen Digital Defenses

The Pakistan Telecommunication Authority (PTA) is taking a major step to secure its digital networks by launching a full-scale Cyber Security ...
Opinion
The Fast ModeOpinion

As AI Moves from Tool to Infrastructure, the Attack Surface Expands in Every Direction

AI has steadily woven itself into every corner of security, its influence is only beginning to take shape. Identity is expanding beyond people, compliance is becoming part of everyday defense, and the ...

BeyondTrust RCE flaw lets hackers run code without logging in

A 9.9/10 bug was found in multiple BeyondTrust products, but a patch is already available.
Microsoft

Manipulating AI memory for profit: The rise of AI Recommendation Poisoning

That helpful “Summarize with AI” button? It might be secretly manipulating what your AI recommends. Microsoft security researchers have discovered a growing trend of AI memory poisoning attacks used ...
WinBuzzer

Google Translate’s Gemini Mode is Vulnerable to Prompt Injection

Google Translate's Gemini integration has been exposed to prompt injection attacks that bypass translation to generate ...