This SmarterMail vulnerability allows Remote Code Execution - here's what we know

Business-grade email server software SmarterMail just patched a maximum-severity vulnerability that allowed threat actors to ...
eWeek

This AI Tool Can Plan and Execute Penetration Tests on Its Own

An AI-powered penetration testing tool is automating offensive cybersecurity, accelerating vulnerability discovery and ...
The Hacker News

CSA Issues Alert on Critical SmarterMail Bug Allowing Remote Code Execution

Singapore’s CSA warns of a CVSS 10.0 SmarterMail vulnerability allowing unauthenticated remote code execution via file upload; patch available.
Cybernews

Got an AI agent on your computer? Assume a breach, security researcher warns

AI coding agents are highly vulnerable to zero-click attacks hidden in simple prompts on websites and repositories, a ...
eWeek

LangChain AI Vulnerability Exposes Millions of Apps

A critical LangChain AI vulnerability exposes millions of apps to theft and code injection, prompting urgent patching and ...

39C3: Security researcher hijacks AI coding assistants with prompt injection

At 39C3, Johann Rehberger showed how easily AI coding assistants can be hijacked. Many vulnerabilities have been fixed, but ...
InfoWorld

React2Shell: Anatomy of a max-severity flaw that sent shockwaves through the web

The explosive, easy-to-trigger vulnerability was exploited within hours of disclosure, exposing the risks of default ...

Apple patches two zero-day flaws used in targeted attacks

Apple releases emergency patches for two zero-day vulnerabilities actively exploited in attacks. iPhone and iPad users urged ...
Security Boulevard

Best of 2025: LDAPNightmare: SafeBreach Labs Publishes First Proof-of-Concept Exploit for CVE-2024-49112

SafeBreach researchers developed a zero-click PoC exploit that crashes unpatched Windows Servers using the Windows ...

Government issues ‘severe warning’ for Google Chrome: What users must do

The government has issued a high-priority security advisory for a severe security flaw that may affect millions of Google ...
The Hacker News

Critical n8n Flaw (CVSS 9.9) Enables Arbitrary Code Execution Across Thousands of Instances

Critical n8n flaw CVE-2025-68613 (CVSS 9.9) lets authenticated users run arbitrary code; versions 0.211.0–1.120.4 affected, ...