techtimes

Ghost CMS SQL Injection Hits 700 Sites: Harvard, DuckDuckGo Serve Fake Cloudflare Malware

An unpatched SQL injection vulnerability in the Ghost content management system has been weaponized in an active, large-scale cyberattack that has compromised more than 700 websites worldwide — ...
The Hacker News

LiteLLM Flaw CVE-2026-42271 Exploited in the Wild, Chains to Unauthenticated RCE

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...
The Hacker News

Hacking Salesforce Sites With an LLM Agent

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

SAP fixes critical flaws in NetWeaver and Commerce Cloud

SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security Patch package, including four ...
CSO Online

Frontier AI models offer sneak peak of seismic cyber shifts ahead

CISOs need to prepare for a vulnerability discovery onslaught, even as attackers will still have work to do to operationalize ...
CSO Online

AI worm prototype shows attackers don’t need Mythos to take over your network

University of Toronto researchers demonstrate how open-weight local LLMs can be used to autonomously exploit flaws and ...

Instagram Hackers Bypass Two-Factor Authentication Using 'Flawed' Meta AI Support System to Steal Rare Verified Accounts

A flaw in Meta's AI-powered Instagram recovery tool allowed attackers to hijack accounts by redirecting password reset links, ...

Federal agencies warn energy and food sectors of vulnerabilities in tank gauge systems

ATGs are used in multiple critical sectors of industry, and many are still unsecured.
heise online

Patch now! Attackers exploiting critical malicious code vulnerability in Drupal

Drupal developers are warning of attacks on websites created with the Content Management System (CMS). Subsequently, attackers gain access to actually isolated data. However, they can also gain higher ...
DATAQUEST

India's AI surge exposes software supply chain security gaps

India's software supply chain security challenge is deepening as AI expands the attack surface while many enterprises lack detection and protection tools.