A critical LangChain Core vulnerability (CVE-2025-68664, CVSS 9.3) allows secret theft and prompt injection through unsafe ...

Zyxel is warning its NAS (Network Attached Storage) devices users to update their firmware to fix a critical severity command injection vulnerability. The newly discovered vulnerability, ...

Researchers discovered a security flaw in Google's Gemini AI chatbot that could put the 2 billion Gmail users in danger of being victims of an indirect prompt injection attack, which could lead to ...

Luckily, Eurostar did not connect its customer information database with the chatbot, so at the time of discovery, there was no direct risk of data leakage happening.

The U.K. Information Commissioner's Office has issued a warning to businesses to eliminate SQL injection vulnerabilities from their websites, after fining a hotel booking site for failing to properly ...

Two significant security vulnerabilities have been identified in the Fancy Product Designer premium plugin, which allows the customization of WooCommerce products. The issues remain unpatched in the ...

Vulnerabilities that leave applications open to SQL injection are the most dangerous software errors in cyberspace, according to rankings issued earlier this week by top security groups. Issued by the ...

Researchers at Pen Test Partners found four flaws in Eurostar's public AI chatbot that, among other security issues, could ...

A serious security issue has been discovered in the WordPress Paid Membership Subscriptions plugin, which is used by over 10,000 sites to manage memberships and recurring payments. Versions 2.15.1 and ...

Zyxel has released security updates to address a critical vulnerability impacting multiple models of its business routers, potentially allowing unauthenticated attackers to perform OS command ...

The developers of Ruby on Rails, a popular open source Web application development framework for the Ruby programming language, released versions 3.2.10, 3.1.9, and 3.0.18 of the software on Wednesday ...