Security Boulevard

Microsoft’s April Security Update of High-Risk Vulnerability Notice for Multiple Products

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...
Security Boulevard

AI Vulnerability Chaining – Why Your Security Stack Cannot Detect What Comes Next

Mythos combined four separate low-severity bugs into a complete browser sandbox escape. Traditional scanners evaluate ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.

CVSS vulnerability triage missed a chained Palo Alto attack that hit 13,000 devices. Five failure classes and the fixes ...
Healthcare IT News

AI may be approaching a new phase in healthcare, on two fronts

Artificial intelligence is becoming so user-friendly that doctors can code custom clinical workflow tools. But AI-driven ...

Malicious code vulnerability with maximum rating threatens Firebird

The open-source database management system Firebird is vulnerable in several ways. It can allow malicious code onto systems.
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
SecurityWeek

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...
SecurityWeek

Recent Microsoft Defender Vulnerability Exploited as Zero-Day

Threat actors have been exploiting the BlueHammer Microsoft Defender vulnerability as a zero-day to gain System privileges.