SecurityWeek

OpenClaw Vulnerability Allowed Malicious Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that allowed a malicious website to silently bruteforce access to a locally ...
The Hacker News

900+ Sangoma FreePBX Instances Compromised in Ongoing Web Shell Attacks

Over 900 FreePBX systems remain infected after CVE-2025-64328 exploitation, now listed in CISA KEV amid active attacks.
SecurityWeek

Juniper Networks PTX Routers Affected by Critical Vulnerability

Juniper Networks released an out-of-band update for its Junos OS Evolved network operating system to patch a critical vulnerability.
The Hacker News

CISA Confirms Active Exploitation of FileZen CVE-2026-25108 Vulnerability

CISA added FileZen CVE-2026-25108 (CVSS 8.7) to its KEV catalog after active exploitation, affecting versions 4.2.1–4.2.8 and ...
tech2geek

OpenVAS Vulnerability Scanner: How to Secure Your Network the Smart Way (2026 Guide)

Running a home lab, NAS, web server, or small business infrastructure? Then you’ve probably asked yourself the big question: Is my network actually secure? Waiting for a breach to find out isn’t a ...
The Verge

Microsoft fixes Notepad flaw that could trick users into clicking malicious Markdown links

Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. Bad actors could use the flaw to remotely load and execute malicious files on a victim’s computer. is ...
HHS

Feds Signal Shift in Vulnerability Oversight

The U.S. federal government is rethinking how to support its globally adopted vulnerability tracking ecosystem after years of backlogs, funding scares and growing doubts about whether the existing ...
Ars Technica

Microsoft releases urgent Office patch. Russian-state hackers pounce.

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the devices inside diplomatic, maritime, and transport organizations in more ...
The Washington Post

Inside an AI start-up’s plan to scan and dispose of millions of books

In early 2024, executives at artificial intelligence start-up Anthropic ramped up an ambitious project they sought to keep quiet. “Project Panama is our effort to destructively scan all the books in ...
Computerworld

Fixes released for a serious Microsoft Office zero-day flaw

Microsoft is warning admins of an Office security bypass zero day vulnerability that can be triggered simply by a user opening a document. The flaw is currently being actively exploited. “The ...
CSOonline

Vulnerability prioritization beyond the CVSS number

CVSS gives you the number, but context gives you the danger: It’s how vulnerabilities spread through trusted systems that really matters. The common vulnerability scoring system (CVSS) has long served ...