AI News
500 articles — Page 9 of 42
F5 Patches Two Critical NGINX Open Source Flaws Enabling Remote Code Execution
- **Ravie Lakshmanan**Jun 18, 2026Vulnerability / Cloud Security [*]($1) F5 has released security updates to address two critical security flaws in NGINX Open Source that could be exploited to ach...
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
- **Ravie Lakshmanan**Jun 19, 2026Mobile Security / Vulnerability [*]($1) Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited b...
Salesforce Disables Klue App Integration After OAuth Token Abuse Exposes Customer Data
- **Ravie Lakshmanan**Jun 19, 2026Data Breach / Cloud Security [*]($1) Salesforce has revealed that it disabled the Klue Battlecards app integration within its platform in response to a security i...
Forget Data Leakage: Shadow AI's Real Threat Is Access Control
- **The Hacker News**Jun 19, 2026Agentic AI / SaaS Security [*]($1) The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools...
From Assistive to Agentic: The AI Shift That's Redefining Threat Management
- **The Hacker News**Jun 19, 2026Enterprise Security / Agentic AI [*]($1) ## **Introduction** The average enterprise security team has 40 or more security tools, giving a lot of visibility into i...
CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
- **Ravie Lakshmanan**Jun 19, 2026Threat Intelligence / Firewall Security [*]($1) The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday [urged]($1) Fortinet customers with F...
Operation Endgame Disrupts SocGholish Servers, Cleans 14,971 WordPress Sites
- **Ravie Lakshmanan**Jun 19, 2026Malware / Threat Intelligence [*]($1) Dutch law enforcement authorities, along with counterparts from [ Canada ]($1) , Germany, and the U.S., have disrupted malic...
AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution
- **Swati Khandelwal**Jun 19, 2026Vulnerability / Software Supply Chain [*]($1) Microsoft researchers have detailed an exploit chain, named [AutoJack]($1), that turns an AI browsing agent into a d...
The Gentlemen RaaS Uses GentleKiller EDR Framework Targeting 400 Security Processes
- **Ravie Lakshmanan**Jun 19, 2026Ransomware / Endpoint Security [*]($1) The Gentlemen ransomware-as-a-service (RaaS) operation is actively developing and maintaining a suite of endpoint detection...
Unpatchable 'usbliter8' Exploit Breaks Apple A12 and A13 SecureROM Boot Chain
- **Swati Khandelwal**Jun 19, 2026Hardware Security / Vulnerability [*]($1) Security researchers at Paradigm Shift have published a working exploit, dubbed **usbliter8**, that achieves arbitrary c...
Hackers Exploit Gravity SMTP WordPress Plugin Bug to Expose API Keys
- **Ravie Lakshmanan**Jun 20, 2026Vulnerability / Web Security [*]($1) Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on ...
For the past four years, a sprawling Android-based botnet called **Popa** has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass da...
