Dark Reading

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

CVE-2025-64155, a command injection vulnerability, was disclosed earlier this week and quickly came under attack from a ...
CSO Online

Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emerges

The latest phMonitor vulnerability continues a multiyear pattern of unauthenticated command‑injection flaws in Fortinet’s ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
GitHub

RedHawks-Cyber-Research/VulnerableCodes

Configure the SAST tool to scan the root of this directory. Identify vulnerabilities in the codebase (e.g., SQL injection, XSS, command injection, buffer overflows).
IEEE

LiteCobra: Enhancing Java Deserialization Vulnerability Detection with Call Graph Pruning

Abstract: Java deserialization vulnerabilities have become a critical security threat, challenging to detect and even harder to exploit due to deserialization's flexible and customizable nature.
IEEE

Adversarial Training for Robustness Enhancement in LLM-Based Code Vulnerability Detection

Abstract: This paper proposes a new approach to code vulnerability detection that uses large language models (LLMs) and incorporates adversarial training techniques. It aims to enhance the robustness ...
TechCrunch

OpenAI says AI browsers may always be vulnerable to prompt injection attacks

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...