Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...
Infosecurity Magazine

CISA Flags Actively Exploited Gogs Vulnerability With No Patch

A high-severity security flaw in the Gogs Git service is being actively exploited, leading to remote code execution ...
WeLiveSecurity

Revisiting CVE-2025-50165: A critical flaw in Windows Imaging Component

ESET researchers examined CVE‑2025‑50165, a serious Windows vulnerability described to grant remote code execution by merely opening a specially crafted JPG file – one of the most widely used image ...
heise online

HPE OneView: Critical vulnerability allows code smuggling from the network

A critical security vulnerability has been discovered in HPE OneView, allowing attackers to inject and execute malicious code. As this is possible from the internet without prior authentication, the ...
The New York Times

Justice Dept. to Appeal Dismissals of Criminal Cases Against Comey and James

Retribution campaign: The Justice Department said that it would appeal the dismissals of its criminal cases against James B. Comey, the former F.B.I. director, and Attorney General Letitia James of ...