Critical Vulnerabilities Patched in Fortinet, Ivanti Products
Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution. The post Critical Vulnerabilities Patched in ...
Amazon
20 articles
OpenClaw AI Agent Leaks Credentials in Phishing Simulation
Autonomous email agents can become high‑impact phishing victims, leaking cloud credentials and sensitive business data even when wrapped in explicit safety i...
Enterprises know AI-generated code is vulnerable; they’re shipping it anyway
AI-generated code is riddled with security flaws, yet enterprises are shipping more of it than ever before. Why?
SAP fixes critical flaws in NetWeaver and Commerce Cloud
SAP has released fixes for 15 vulnerabilities as part of its June 2026 Security Patch package, including four critical-severity flaws affecting SAP NetWeaver...
SAP Patches Critical NetWeaver, Commerce Vulnerabilities
The flaws could lead to the disclosure of sensitive information, memory corruption, and disruption of normal system usage. The post SAP Patches Critical NetW...
Check Point warns of ransomware-linked attacks exploiting outdated VPN protocol
Check Point has issued emergency hotfixes for a pair of vulnerabilities affecting VPN deployments that still use the deprecated Internet Key Exchange version...
Will AI Kill the Bug Bounty Industry?
Anthropic's Mythos is accelerating vulnerability discovery to machine speed, forcing the bug bounty industry and offensive security teams to adapt to a futur...
U.S. CISA adds BerriAI LiteLLM and Check Point Security Gateway flaws to its Known Exploited Vulnerabilities catalog
U.S.
Apache HTTP Server 2.4.68 Patches Multiple Security Vulnerabilities
Apache has released HTTP Server version 2.4.
Ubiquiti UniFi OS server vulnerabilities allow unauthenticated remote code execution
The security flaws, tracked as CVE-2026-34908, CVE-2026-34909, and CVE-2026-34910, were addressed in May and impacted UniFi OS Server versions 5.0.
ICYMI: May 2026 @AWS Security
Read all about the latest AWS security features, compliance updates, and hands-on resources in our new, monthly digest posts. You’ll find expert blog posts, ...
Operationalizing AWS security: A maturity roadmap
Enabling security tooling is the starting point. Making it operational—where findings drive decisions, response times are measurable, and your security postu...
Former IBM executive sues, alleging cover-up of foreign government hacks
The lawsuit was filed by William Barlow, IBM's former vice president of threat intelligence.
IoT Botnet C0XMO Adds Competitor-Killing Capability
C0XMO is a new Gafgyt botnet variant exploiting old router flaws, spreading across IoT devices, killing rivals, and enabling large-scale DDoS attacks. In Mar...
Critical UniFi OS RCE Chain Grants Root Access Without Credentials
Security Advisory Bulletin 064 describing a critical chain of vulnerabilities in UniFi OS Server that allows unauthenticated remote code execution and full r...
Top 10 Best Software Composition Analysis (SCA) Tools for Security Teams in 2026
The complexity of modern software development requires security to be deeply embedded within the engineering pipeline rather than treated as an afterthought....
Critical UniFi OS Auth Bypass Flaws Lead to Unauthenticated Root RCE
Ubiquiti has addressed three critical vulnerabilities within the UniFi OS Server that attackers can chain together to achieve unauthenticated remote code exe...
Building secure B2C applications with fine-grained access control using Amazon Cognito and Amazon Verified Permissions
Modern web applications require robust security controls to protect user data and application resources. Authentication and authorization are two fundamental...
EU unveils tech sovereignty package to cut reliance on US, Chinese suppliers
The package bundles two draft laws — a Chips Act 2.0 and a Cloud and AI Development Act (CADA) — alongside an Open Source Strategy and a roadmap for digitali...
Amazon Cognito unlocks advanced capabilities with next-generation infrastructure
Amazon Cognito recently introduced high-throughput performance for demanding workloads, customer-managed keys for full control over data encryption at rest, ...