The Hacker News

Fortinet Patches Critical SQLi Flaw Enabling Unauthenticated Code Execution

Fortinet has released security updates to address a critical flaw impacting FortiClientEMS that could lead to the execution of arbitrary code on susceptible systems. The vulnerability, tracked as ...
dlnews

Ethereum Foundation awards $50,000 to researchers who identified ‘high-severity’ attack vector

Ethereum Foundation awarded its maximum bounty for finding a bug. Trust Security identified an attack vector in ERC4337. The security firm also received almost $60,000 from DeFi apps that rely on the ...
Biometric Companies

NADRA launches Bug Bounty Challenge to fortify Pakistan’s digital ID infrastructure

Pakistan’s National Database and Registration Authority (NADRA) has launched its first-ever Bug Bounty Challenge 2026, a national competition designed to strengthen the country’s digital identity ...
Bleeping Computer

Curl ending bug bounty program after flood of AI slop reports

The developer of the popular curl command-line utility and library announced that the project will end its HackerOne security bug bounty program at the end of this month, after being overwhelmed by ...
Neowin

Beloved tool, cURL is shutting down its bug bounty over AI slop reports

cURL's chief maintainer announced that the project is shutting down its bug bounty program to discourage submissions generated by AI. Well, it finally happened. Curl, the command-line tool/library for ...
Infosecurity-magazine.com

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

Three security vulnerabilities in the official Git server for Anthropic's Model Context Protocol (MCP), mcp-server-git, have been identified by cybersecurity researchers. The flaws can be exploited ...
IEEE

SQL Injection in LLM-Generated Queries: Systematic Analysis of Detection Gaps and Security Risks

Abstract: Large language models (LLMs) are being woven into software systems at a remarkable pace. When these systems include a back-end database, LLM integration opens new attack surfaces for SQL ...
The Escapist

Hytale success leads to Hypixel launching a bug bounty program

The development team behind Hytale has opened a bug bounty program that will net you a decent chunk of cash if you know what you’re doing. Pricing for some bug bounties has reached $25,000 or more if ...
GameSpot

Hytale Devs Are Paying $25K Bounty For Serious Bugs

GameSpot may get a commission from retail offers. Hytale is out today in early access a mere six months after it was canceled by Riot Games. Developer Hypixel warned players ahead of time that the ...
SecurityWeek

Microsoft Bug Bounty Program Expanded to Third-Party Code

All critical vulnerabilities in Microsoft, third-party, and open source code are eligible for rewards if they impact Microsoft services. Microsoft on Thursday announced a massive expansion to its bug ...
SiliconANGLE

Microsoft broadens bug bounty scope to include any vulnerability impacting its services

Microsoft Corp. announced today that it is expanding its bug bounty program with a new policy that brings all of its online services, including those supported by third-party and open-source ...