CISA adds second critical flaw in Ivanti EPMM to exploited vulnerabilities catalog

Ivanti first disclosed the issue in late January along with CVE-2026-1281, which is a similar code injection vulnerability ...

OpenAI patches flaw allowing silent data leakage from ChatGPT conversations

What happens when researchers think outside the box? Data gets exfiltrated through DNS.
ZDNet

23andMe and JFrog partner to solve code injection vulnerability

Security researchers at JFrog worked with biotechnology company 23andMe to address a vulnerability with Yamale, a tool written by the company and used by over 200 repositories. The smartest companies ...
dbta

Addressing SAP’s SQL Injection Attacks and Directory Traversal Vulnerabilities

SAP platforms, used by 99 of the Fortune 100 companies and with over 280 million cloud subscribers worldwide, are among the most reliable business applications. As SAP administrators, your role in ...
SiliconANGLE

Indirect prompt injection in Google Gemini enabled unauthorized access to meeting data

A new report out today from cybersecurity company Miggo Security Ltd. details a now-mitigated vulnerability in Google LLC’s artificial intelligence ecosystem that allowed for a natural-language prompt ...
The Hacker News

OpenAI Patches ChatGPT Data Exfiltration Flaw and Codex GitHub Token Vulnerability

ChatGPT and Codex flaws patched Feb 2026 exposed DNS exfiltration and GitHub tokens, raising enterprise AI security risks.
TechRepublic

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America

Zero-day MOVEit Transfer vulnerability exploited in the wild, heavily targeting North America Your email has been sent Read the technical details about this zero-day MoveIT vulnerability, find out who ...
Dark Reading

How to Tame SQL Injection

For more than a decade, injection vulnerabilities have literally topped the charts of critically dangerous software flaws, deemed more serious than all other types of vulnerabilities in the 2010, 2013 ...