AI Vulnerability
-
New Vulnerability Found in Google Gemini: Hidden Phishing Attacks Possible
A new vulnerability in Google Gemini could allow attackers to generate seemingly legitimate email summaries that contain hidden phishing instructions. Experts urge organizations to adopt enhanced security measures to counter this threat.
-
Major Security Flaw in Train Brake Systems Exposes US Rail Network to Risks
A critical security vulnerability in the US freight rail system, reported by researcher Neil Smith, has raised alarms about the potential for malicious actors to control train braking systems remotely, with no immediate solution in sight.
-
Cisco Addresses Critical Security Vulnerability in Unified Communications Manager
Cisco has released updates to mitigate a serious security vulnerability in its Unified Communications Manager that allowed for unauthorized remote access through a hardcoded backdoor account.
-
Security Flaw in Forminator Plugin Puts Over 600,000 WordPress Sites at Risk
The Forminator plugin for WordPress, used on over 600,000 sites, has a high-severity vulnerability (CVE-2025-6463) that could allow attackers to delete arbitrary files, potentially leading to complete site takeovers. Users are urged to update to the latest version or disable the plugin immediately to avoid exploitation.
-
Google Addresses Critical Zero-Day Vulnerability in Chrome Browser
Google has released security updates to patch a critical zero-day vulnerability in its Chrome browser, tracked as CVE-2025-6554, which has potentially been exploited in the wild. Users are urged to update their browsers to safeguard against possible attacks.
-
Urgent Security Alert: Citrix Users Urged to Patch ‘Citrix Bleed 2’ Vulnerability
Citrix users are on alert as the ‘Citrix Bleed 2’ vulnerability, identified as CVE-2025-5777, is believed to be actively exploited. This flaw could allow attackers to hijack user sessions and bypass multi-factor authentication, prompting urgent patching recommendations from cybersecurity officials.
-
High-Severity Vulnerability Discovered in Notepad++ Installer
A critical security vulnerability in the Notepad++ installer could allow attackers to gain SYSTEM-level privileges. Users are urged to be cautious and upgrade to the patched version as soon as it is available.
-
Critical Security Flaw Found in Brother Printers Affects Millions of Devices
A critical security vulnerability in Brother printers, affecting hundreds of models, cannot be patched through firmware updates. Security firm Rapid7 has identified the flaw, which could allow attackers to generate default administrator passwords, prompting urgent action to mitigate risks.
-
CISA Warns of Critical Vulnerability in TP-Link Routers Amid Active Exploitation
CISA has identified a critical vulnerability in TP-Link routers, urging users to take immediate action as evidence of active exploitation emerges. The agency’s guidelines are designed to mitigate the risks associated with this command injection vulnerability, which affects multiple router models.
-
New AI Vulnerability Discovered in Microsoft 365 Copilot: ‘EchoLeak’
A new zero-click vulnerability known as ‘EchoLeak’ has been discovered in Microsoft 365 Copilot, enabling attackers to exfiltrate sensitive data without user interaction. While Microsoft has patched the flaw, experts advise businesses to enhance their cybersecurity measures to prevent future exploits.