AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Critical infrastructure organizations should move to harden their Automatic Tank Gauge (ATG) systems to defend against ...

ATGs are used in multiple critical sectors of industry, and many are still unsecured.

A flaw in Meta's AI-powered Instagram recovery tool allowed attackers to hijack accounts by redirecting password reset links, ...

Picture this: you paste a link into ChatGPT and ask for a summary. The model obliges, returning a clean, confident breakdown ...

Nisarga Adhikary, a 19-year-old ethical hacker, has sparked fresh controversy around CBSE’s digital systems after claiming he ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.

US cyber authorities have added a critical Drupal Core SQL injection flaw to their exploited-vulnerabilities list after attacks began targeting unpatched websites using PostgreSQL databases, ...

THORChain paused trading after ZachXBT flagged a suspected $10 million exploit spanning Bitcoin, Ethereum, BNB Chain and Base. Decentralized liquidity protocol THORChain halted trading after ...

A zero-day exploit circulating online allows people with physical access to a Windows 11 system to bypass default BitLocker protections and gain complete access to an encrypted drive within seconds.

A hacker group stole data from more than 9,000 schools using an exploit in Instructure's service. Now the House Homeland Security Committee is getting involved. Tyler is a writer for CNET covering ...