CSO Online

Researchers warn of long‑running FortiSIEM root exploit vector as new CVE emerges

The latest phMonitor vulnerability continues a multiyear pattern of unauthenticated command‑injection flaws in Fortinet’s ...

Exploit code public for critical FortiSIEM command injection flaw

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

The first round of SAP patches for 2026 resolves 19 vulnerabilities, including critical SQL injection, RCE, and code ...
Unite.AI

The Secretless Imperative: Why Traditional Security Models Break When AI Agents Touch Code

In April 2023, Samsung discovered its engineers had leaked sensitive information to ChatGPT. But that was accidental. Now imagine if those code repositories had contained deliberately planted ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI, an open-source, self-hosted web interface for interacting with local or remote AI language models, carried a high ...
Security Boulevard

Granular attribute-based access control for context window injections

Learn how granular attribute-based access control (ABAC) prevents context window injections in AI infrastructure using quantum-resistant security and MCP.
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...
GitHub

HasanAlpCaferoglu/E-SQL

This is the official repository for the paper "E-SQL: Direct Schema Linking via Question Enrichment in Text-to-SQL". Translating natural language queries into SQL (Text-to-SQL) is a critical task for ...