More results...
CrewAI, a prominent tool used by developers to orchestrate multi-agent AI systems, is currently vulnerable to a chain of critical security flaws. By using direct or indirect prompt injection, attackers can manipulate AI agents to escape secure sandboxe…
Check Point Research has discovered a critical zero-day vulnerability in the TrueConf video conferencing client. Tracked as CVE-2026-3502 with a CVSS score of 7.8, this flaw is currently being exploited in targeted attacks against government entities i…
Artificial intelligence agents are transforming enterprise workflows, but they also introduce dangerous new attack vectors. Security researchers from Palo Alto Networks’ Unit 42 recently uncovered a significant vulnerability in Google Cloud Platform’s …
A maximum-severity vulnerability in Oracle WebLogic Server is facing rapid exploitation in the wild. Tracked as CVE-2026-21962, this unauthenticated Remote Code Execution (RCE) flaw carries a maximum CVSS score of 10.0. According to a recent honeypot s…
Security researchers have disclosed two high-severity vulnerabilities in libpng, the widely deployed reference library used for processing Portable Network Graphics (PNG) image files. These critical flaws allow remote attackers to trigger process crash…
Artificial intelligence assistants increasingly handle our most sensitive data, operating under the assumption that enclosed environments keep this information secure. However, a newly disclosed vulnerability in ChatGPT shattered this expectation. Disc…
Security researchers at Calif recently demonstrated the evolving power of artificial intelligence in vulnerability research by using Claude AI to uncover zero-day Remote Code Execution (RCE) flaws in both Vim and Emacs. The discoveries show that merely…
A severe security flaw has been disclosed in Smart Slider 3, a highly popular WordPress plugin currently active on more than 800,000 websites. Discovered by security researcher Dmitrii Ignatyev, this vulnerability enables authenticated attackers to rea…
Threat intelligence researchers have detected active exploitation of a critical vulnerability in Fortinet’s FortiClient Enterprise Management Server (EMS). The security flaw, identified as CVE-2026-21643, allows malicious actors to execute unauthorized…
Security researchers recently uncovered a critical stored Cross-Site Scripting (XSS) vulnerability within Atlassian’s Jira Work Management platform. This flaw allows an attacker with limited administrative permissions to execute a full organizati…