SecurityWeek

Organizations Warned of Exploited Windows, Adobe Acrobat Vulnerabilities

CISA has expanded the KEV catalog to include seven vulnerabilities, including Windows flaws that lead to privilege escalation ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
TechRepublic

arbitrary code execution

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. Google released a Chrome security update fixing two high ...
来自MSN

Amazon quietly fixed Q Developer flaws that made AI agent vulnerable to prompt injection, RCE

Amazon has quietly fixed a couple of security issues in its coding agent: Amazon Q Developer VS Code extension. Attackers could use these vulns to leak secrets, including API keys from a developer's ...
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
游侠网 on MSN

《马里奥兄弟》发售40年惊现新漏洞:可以修改代码!

据外媒playground报道,在《超级马里奥兄弟》问世40多年后,玩家社区发现了该系列史上最重磅的漏洞——可允许玩家在游戏过程中“直接修改代码”,即“任意代码执行”(Arbitrary Code Execution)。