Collaborate Disseminate
The SwitchBot Relay Switch turns a device on and off and tells you how much power it’s using. Continue reading I tested a $15 smart switch and found a coffee maker wasting $1,500 a year in electricity
The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage.
The post SAP Patches Critical NetWeaver, Commerce Vulnerabilities appeared first on SecurityWeek.
Continue reading SAP Patches Critical NetWeaver, Commerce Vulnerabilities
Google paid researcher a tidy $55K bounty for its discovery Continue reading Chrome’s zero-day Whac-A-Mole continues with fifth exploited bug of the year
Sergiu Gatlan reports: CISA has ordered U.S. government agencies to secure their Check Point Remote Access VPN and Mobile Access deployments against a critical vulnerability exploited in zero-day attacks by Qilin ransomware affiliates. Unauthenticated … Continue reading CISA gives feds 3 days to patch Check Point VPN bug exploited as zero-day
University of Toronto researchers have built and tested a proof-of-concept AI-driven computer worm that uses a locally hosted open-weight large language model to reason its way through a network, generate tailored attack strategies for each target it e… Continue reading Researchers Build Self-Replicating AI Worm That Operates Entirely on Local, Open-Weight Models
Google has released security updates to address 74 vulnerabilities, including one that has come under active exploitation in the wild.
The high-severity vulnerability, tracked as CVE-2026-11645 (CVSS score: 8.8), has been described as an out-of-bounds… Continue reading Chrome V8 Zero-Day CVE-2026-11645 Exploited in the Wild – Patch Now
A command injection vulnerability (CVE-2026-42271) in BerryAI’s LiteLLM open-source AI gateway is being exploited by attackers, the US Cybersecurity and Infrastructure Security Agency (CISA) confirmed by adding the flaw to its Known Exploited Vul… Continue reading LiteLLM vulnerability under active attack, CISA warns (CVE-2026-42271)
The most recent variants of the self-propagating attacks are named Miasma and Hades.
The post Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks appeared first on SecurityWeek.
Continue reading Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks
Organizations have more visibility than ever. Growing tech stacks provide greater coverage, and network security teams are increasingly adopting AI and automation to help with routine tasks and reduce manual effort.
But the same challenges persist. Ou… Continue reading The Hidden Security Risk in Modern Networks: The Work Between Tools
Authorities say the breach only exposed public chat rooms, but alleged attacker claims to have accessed far more data Continue reading France probes compromise of gov messaging platform after account hijack