This Copilot vulnerability could expose emails, 2FA codes, and other sensitive data

This sneaky attack tricks Microsoft's AI assistant to hand over your data.

Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.

Critical Copilot vulnerability allowed hackers to steal 2FA code from users

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...
Ars Technica

3 million iOS and macOS apps were exposed to potent supply-chain attacks

Vulnerabilities that went undetected for a decade left thousands of macOS and iOS apps susceptible to supply-chain attacks. Hackers could have added malicious code compromising the security of ...

Ubiquiti UniFi OS: Critical vulnerabilities allow code injection

Ubiquiti warns of partly critical security vulnerabilities in UniFi OS. Updated software is available to fix them.
Bleeping Computer

Cisco fixes root escalation vulnerability with public exploit code

Cisco has fixed a command injection vulnerability with public exploit code that lets attackers escalate privileges to root on vulnerable systems. Tracked as CVE-2024-20469, the security flaw was found ...
Dark Reading

Apple CocoaPods Bugs Expose Millions of Apps to Code Injection

A near inconceivable number of Apple apps have been exposed to critical vulnerabilities in a popular dependency manager for years now. CocoaPods is a platform that developers in Apple's ecosystem use ...
Forbes

Why No-Code Doesn’t Mean No Vulnerabilities

Seatbelts don’t make you invincible. You can drive the safest car on the road and still end up in an accident if you can't see your surroundings. The same principle applies to citizen developer ...