This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

This sneaky attack tricks Microsoft's AI assistant to hand over your data.

Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted deployments.

Ubiquiti UniFi OS: Critical vulnerabilities allow code injection

Ubiquiti warns of partly critical security vulnerabilities in UniFi OS. Updated software is available to fix them.
Dark Reading

Apple CocoaPods Bugs Expose Millions of Apps to Code Injection

A near inconceivable number of Apple apps have been exposed to critical vulnerabilities in a popular dependency manager for years now. CocoaPods is a platform that developers in Apple's ecosystem use ...
SecurityWeek

Critical Ubiquiti Vulnerabilities in Attackers’ Crosshairs

The flaws allow remote, unauthenticated attackers to make system changes, access underlying accounts, and inject commands.
CRN

10 Major Cyberattacks And Data Breaches In 2026 (So Far)

The first half of 2026 saw a renewed surge of widely felt cyberattacks and data breaches—with many indicators pointing to increased usage of AI-powered capabilities. Major incidents included zero-day ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...