SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
SecurityWeek

Critical HPE OneView Vulnerability Exploited in Attacks

CISA warns that CVE-2025-37164, a maximum-severity HPE OneView vulnerability leading to remote code execution, has been ...

Radware Unveils “ZombieAgent”: A Newly Discovered Zero-Click, AI Agent Vulnerability Enabling Silent Takeover and Cloud-Based Data Exfiltration

The vulnerability directs all ChatGPT models to exfiltrate sensitive customer data autonomously from OpenAI servers and could ...

This 'ZombieAgent' zero click vulnerability allows for silent account takeover - here's what we know

If the victim asks ChatGPT to read that email, the tool could execute those hidden commands without user consent or ...

Are Copilot prompt injection flaws vulnerabilities or AI limits?

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
Ars Technica

Zyxel warns of vulnerabilities in a wide range of its products

Networking hardware-maker Zyxel is warning of nearly a dozen vulnerabilities in a wide array of its products. If left unpatched, some of them could enable the complete takeover of the devices, which ...
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News — Index Page

The Hacker News is the top cybersecurity news platform, delivering real-time updates, threat intelligence, data breach ...