Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
The Hacker News

LiteLLM CVE-2026-42208 SQL Injection Exploited within 36 Hours of Disclosure

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
Dark Reading

AI Finds 38 Security Flaws in Electronic Health Record Platform

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...
DataBreachToday

Researchers Find 38 Flaws in OpenEMR. They've Been Fixed

Researchers at security firm AISLE said they recently identified 38 vulnerabilities, including two maximum-severity zero-day ...

Google Confirms Gmail Upgrade And Warns Of ‘Sophisticated’ AI Attacks

Google has changed Gmail, expanding Gemini to millions of users — just as it warns that this kind of AI upgrade opens the ...
The Hacker News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...

From XSS to RCE: How to hijack a DotNetNuke server via a single script injection

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Hosted on MSN

Google Cloud debuts AI agent platform with cybersecurity tools

Google Cloud has launched its Gemini Enterprise AI agent platform alongside new TPU chips and advanced cybersecurity tools at its Next 2026 event. The platform integrates enterprise data, applications ...