Attackers are exploiting three Fortinet FortiSandbox flaws, including one patched last week, risking auth bypass and command ...

What happened Threat actors are actively exploiting an unauthenticated information disclosure vulnerability in the Gravity SMTP WordPress plugin, which is installed on more than 100,000 WordPress ...

Attackers are exploiting CVE-2026-4020 in Gravity SMTP to leak API keys, OAuth tokens, and system data from WordPress sites.

Security researchers turned the chatbot into a "one-click data exfiltration weapon." The post Microsoft’s Copilot AI Caught ...

Meta’s AI support chatbot proved unusually helpful to hackers looking to steal and resell notable Instagram accounts—the hackers simply asking the bot to change the accounts’ associated email ...

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

Google has released an unscheduled update for Chrome to close two critical security vulnerabilities. As criminals are already actively using these vulnerabilities for attacks, all users are advised to ...

Meta’s AI support chatbot reportedly exploited in Instagram account takeover hack, raising concerns over AI-driven security and account recovery systems ...

Google said it observed a group of prominent “threat actors” planning an operation relying on a bug they had found that allowed them to bypass two-factor authentication.

Hackers are exploiting a vulnerability in ChatGPT's infrastructure to redirect users to malicious websites, with security researchers recording more than 10,000 exploit attempts in a week from a ...

Hackers are actively exploiting a maximum severity flaw in the Modular DS WordPress plugin that allows them to bypass authentication remotely and access the vulnerable sites with admin-level ...