A critical vulnerability has been discovered in the LangChain ecosystem that allows attackers to steal sensitive data and even influence the responses of large language models through prompt injection. The flaw affects LangChain Core...
A critical vulnerability has been discovered in MongoDB that allows a remote attacker to access uninitialized server memory without any form of authentication. Assigned the identifier CVE-2025-14847, the flaw carries a CVSS score of...
Fortinet has warned administrators that real-world attacks are once again exploiting the vulnerability FG-IR-19-283 (CVE-2020-12812), first disclosed in July 2020. Under certain FortiGate configurations, the flaw allows attackers to bypass two-factor authentication and log...
Security researchers uncovered several vulnerabilities in Eurostar’s public chatbot, demonstrating that a “modern” LLM interface can fail for exactly the same reasons as traditional web services: weak server-side data binding, missing validation, and blind...
Commercial robots have proved far less secure than many assume. Security researchers are increasingly demonstrating that certain machines can be taken over in a matter of minutes, and that flaws in software logic can...
A critical vulnerability in the globally used workflow automation platform n8n allows attackers to execute arbitrary code remotely. Tracked as CVE-2025-68613, the flaw carries an exceptionally high CVSS score of 9.9 out of 10....
OpenAI has released a security update for ChatGPT Atlas, a browser equipped with a built-in “agent mode” that can browse the web and act within it almost like a human—clicking, typing, and carrying out...
WatchGuard has warned customers of a critical vulnerability in its Firebox firewalls that is already being actively exploited in real-world attacks. The flaw is a remote code execution vulnerability that allows attackers to seize...
Researchers have uncovered a vulnerability in the UEFI firmware implementations used on motherboards from several major manufacturers, including ASUS, Gigabyte, MSI, and ASRock. The flaw affects the earliest stage of system boot and enables...
A newly discovered vulnerability in FreeBSD components responsible for IPv6 configuration allows an attacker on the same local network to remotely execute arbitrary code on a target system. The flaw affects all supported versions...