SecurityWeek

Critical Vulnerability in Claude Code Emerges Days After Source Leak

Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
The Hacker News

New PHP Composer Flaws Enable Arbitrary Command Execution — Patches Released

Two Composer flaws (CVE-2026-40176, CVE-2026-40261) allow command execution via Perforce configurations, prompting urgent ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
HoopsHype

“Cortisone is typically the first line of injection …

Neither Egor Demin nor Brooklyn coach Jordi Fernández would specify exactly what procedure the Russian guard underwent on his left foot, other than to say it was successful. “Cortisone is typically ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

SUNNYVALE, Calif., March 31, 2026--(BUSINESS WIRE)--Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today highlighted growing security risks for enterprises relying ...
Bleeping Computer

TP-Link warns users to patch critical router auth bypass flaw

TP-Link has patched several vulnerabilities in its Archer NX router series, including a critical-severity flaw that may allow attackers to bypass authentication and upload new firmware. Tracked as CVE ...