SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
Infosecurity Magazine

Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio

A set of nine cross-tenant vulnerabilities in Google Looker Studio that could have enabled attackers to extract or manipulate ...
InfoWorld

19 large language models redefining AI safety—and danger

Whether you are looking for an LLM with more safety guardrails or one completely without them, someone has probably built it.

OpenAI’s Codex Security: An AI Agent That Hunts Down Vulnerabilities

OpenAI launches Codex Security, an AI agent-vulnerability scanner that helps developers find and fix high-impact holes in their code.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...