CISA flags critical Microsoft SCCM flaw as exploited in attacks

CISA ordered federal agencies on Thursday to secure their systems against a critical Microsoft Configuration Manager ...
The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet fixes critical FortiClientEMS SQL injection flaw (CVSS 9.1) enabling code execution; separate SSO bug actively exploited.

Claude Code vs ChatGPT Codex: Which AI coding agent is actually better?

I tested Claude Code vs. ChatGPT Codex in a real-world bug hunt and creative CLI build — here’s which AI coding agent thinks ...
Security Info Watch

Why Web Forms Are Becoming Financial Services’ Most Expensive Blind Spot

Why an overlooked data entry point is creating outsized cyber risk and compliance exposure for financial institutions.

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...

The Cost of AI Slop in Lines of Code

In the quest to get as much training data as possible, there was little effort available to vet the data to ensure that it was good.
SecurityWeek

Zast.AI Raises $6 Million for AI-Powered Code Security

Zast.AI has raised $6 million in funding to secure code through AI agents that identify and validate software vulnerabilities ...

Google says hackers are abusing Gemini AI for all attacks stages

Google Threat Intelligence Group (GTIG) has published a new report warning about AI model extraction/distillation attacks, in ...

Why LLMs are plateauing – and what that means for software security

Despite rapid generation of functional code, LLMs are introducing critical, compounding security flaws, posing serious risks for developers.
The Hacker News

Over 60 Software Vendors Issue Security Fixes Across OS, Cloud, and Network Platforms

Patch Tuesday delivers fixes for 59 Microsoft flaws, six exploited zero-days, plus critical SAP and Intel TDX vulnerabilities.