A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to ...

Eurostar's recently-introduced AI-powered customer support chatbot was marred with cybersecurity vulnerabilities that opened the doors to a multitude of potential risks, experts have warned.

Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability. The newly discovered vulnerability, ...

Two significant security vulnerabilities have been identified in the Fancy Product Designer premium plugin, which allows the customization of WooCommerce products. The issues remain unpatched in the ...

The U.K. Information Commissioner's Office has issued a warning to businesses to eliminate SQL injection vulnerabilities from their websites, after fining a hotel booking site for failing to properly ...

A new report out today from software supply chain company JFrog Ltd. reveals a surge in security vulnerabilities in machine learning platforms, highlighting the relative immaturity of the field ...

Tenable says it found seven prompt injection flaws in ChatGPT-4o, dubbed the “HackedGPT” attack chain Vulnerabilities include hidden commands, memory persistence, and safety bypasses via trusted ...

Vulnerabilities that leave applications open to SQL injection are the most dangerous software errors in cyberspace, according to rankings issued earlier this week by top security groups. Issued by the ...

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...