Hackers exploit file upload bug in Breeze Cache WordPress plugin

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...
Security Boulevard

Attacking the MCP Trust Boundary

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...
Cybernews

North Korean hackers build “shiny new” macOS malware, but get hacked themselves

North Korean hackers developed a new macOS malware kit, but were disrupted by a security researcher who exploited ...
Cybernews

750,000 DNN websites in danger: a simple SVG upload can lead to complete compromise

A severe cross-site-scripting (XSS) vulnerability in DNN, a popular open-source content management platform, allows attackers ...
SecurityWeek

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

How to skip consent prompt for RDP connections in Windows Server

Windows displays a security warning when opening RDP files (.rdp), but you can skip the consent prompt for RDP connections in ...

Dangerous Fake Microsoft Windows Update Confirmed—Do Not Download

As security researchers warn about a dangerous Microsoft Windows update that isn’t legitimate, users must pay close attention ...

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
Cyber Defense Magazine

Innovator Spotlight: Bonfy AI

A New Model for Protecting Data Across AI Agents and Copilots Organizations are racing to adopt AI, copilots, and AI ...
TechRadar

Breach exposes sensitive LAPD files stored in city attorney system

Hackers breached LA City Attorney’s Office systems 337,000 LAPD files stolen, including personnel and internal affairs data Group “World Leaks” published archive, later removed Cybercriminals have ...
IEEE

AMPLE: Fine-grained File Access Policies for Server Applications

Abstract: Userspace programs depend heavily on operating system resources to execute correctly, with file access being one of the most common and critical use cases. Modern Linux distributions include ...