CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today ...
Microsoft

How Storm-2949 turned a compromised identity into a cloud-wide breach

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...
CSO Online

New image-based prompt injection attack targets multimodal AI models

Researchers say the technique can manipulate how vision-language models interpret both images and user prompts.

Ivanti EPM: Security flaws allow SQL injection, privilege escalation

Ivanti warns of three security vulnerabilities in Endpoint Manager (EPM). They allow SQL injection or privilege escalation.