Cybernews

Critical FFmpeg flaw discovered: just watching a video can fully compromise your system

A critical vulnerability in the FFmpeg media processing framework allows attackers to execute arbitrary code via malicious ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
Security Boulevard

Microsoft’s Security Update in June of High-Risk Vulnerability Notice for Multiple Products

Overview On June 9, NSFOCUS CERT detected that Microsoft released a security update patch for June, fixing 206 security issues involving widely used products such as Windows, Microsoft Office, ...

Microsoft warns AI agents are being 'AutoJack'-ed to deliver RCE payloads

Three minor vulnerabilities chained together can cause a lot of trouble but Microsoft fixed it on time.
The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...
MSN on MSN

Attackers are exploiting the SEPPmail secure e-mail gateway right now — reading corporate inboxes and running code on the servers that route every m…

Three vulnerabilities disclosed in the SEPPmail Secure Email Gateway in recent weeks have put thousands of organizations on ...
The Hacker News

CISA Warns of Actively Exploited Joomla JCE Flaw Allowing PHP Code Execution

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a maximum-severity security flaw impacting Widget Factory Joomla Content Editor (JCE) to its Known Exploited ...
CSO Online

Langflow RCE under active attack months after a patch was shipped

Actively exploited CVE-2026-5027 lets attackers write files to arbitrary locations on vulnerable Langflow servers, creating a path to remote code execution and full system compromise.
AndroGuider

Unpatchable Flaw in Apple Chips: A New Era for iPhone Jailbreaking

AndroGuider is a blog where you can scoop your daily need of tech information with some dose of special reviews and custom ...
GIGAZINE

A vulnerability that enables arbitrary code execution just by opening a file with the long-established compression decompression software 'WinRAR' is discovered, and a modified ...

It has been reported that a vulnerability ' CVE-2023-40477 ' has been discovered in WinRAR, a file compression/decompression software for Windows, that allows ...