SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
SecurityWeek

Adobe Patches Critical Apache Tika Bug in ColdFusion

Adobe released 11 security bulletins for 25 vulnerabilities, including a critical code execution bug in ColdFusion.
The Hacker NewsOpinion

Model Security Is the Wrong Frame – The Real Risk Is Workflow Security

AI security risks are shifting from models to workflows after malicious extensions stole chat data from 900,000 users & ...
CSO Online

Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emerges

The latest phMonitor vulnerability continues a multiyear pattern of unauthenticated command‑injection flaws in Fortinet’s ...

Hackers now exploiting critical Fortinet FortiSIEM flaw in attacks

Attackers are now exploiting a critical Fortinet FortiSIEM vulnerability with publicly available proof-of-concept exploit code.

How this one-click Copilot attack bypassed security controls - and what Microsoft did about it

Reprompt impacted Microsoft Copilot Personal and, according to the team, gave "threat actors an invisible entry point to perform a data‑exfiltration chain that bypasses enterprise security controls ...