AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Hackers have been exploiting a remote code execution vulnerability in the Everest Forms Pro plugin to take over WordPress ...

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

Lazarus Group has deployed RemotePE, a fully memory-resident trojan that is extremely hard for traditional antivirus and forensic tools to detect.

Gong and other scholars have been issuing warnings about the security vulnerabilities of AI agents for a while. They publish ...

A trader did not need to hack Grok, steal a password, or break a smart contract. A hidden Morse code prompt inside a public X reply was enough to trigger a nearly $200K crypto transfer from Grok’s ...

Sites belonging to major universities such as Harvard and Oxford, as well as DuckDuckGo, have been compromised in the attack.

Data stolen in a cyberattack that shut down an education platform used by universities and K-12 schools across the US last week has been returned to the platform’s parent company, Instructure, ...

In the world of fast food restaurant hacks, sometimes things can get a little complicated. The hack inventor might say to order this, order that, split this in half, order another one of those, add ...

Ontario police have reportedly been using spyware to hack into phones without alerting their users. In a new report, The Toronto Star reveals that Ontario Provincial Police (OPP) and Windsor Police ...