A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

The platform warns users of on-premises versions to upgrade to the latest versions; SaaS versions have been patched.

Cybersecurity researchers have discovered a vulnerability in Google’s Gemini AI assistant that allowed attackers to leak ...

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.

A vulnerability in an ACF addon plugin exposes up to 100,000 installations to a complete site takeover by unauthenticated ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

Fortinet has closed a critical FortiSIEM vulnerability. A proof-of-concept exploit increases the likelihood of attacks.

Wiz researchers investigated and found the core of the flaw, a threat actor ID bypass due to unanchored regexes, and notified ...

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day ...

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...

Indian government's discussions on tighter phone-security rules are raising concerns among global handset makers over ...