An integer overflow or wraparound in the Qualcomm graphics component, the bug leads to memory corruption.
The post Android Update Patches Exploited Qualcomm Zero-Day appeared first on SecurityWeek.
Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise
Improper input sanitization in the framework can be exploited through the Shell tool, allowing attackers to modify system files and steal data.
The post Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise appeared first on SecurityWeek.
Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant
Malicious extensions could hijack the Gemini Live in Chrome feature to spy on users and steal their files.
The post Vulnerability Allowed Hijacking Chrome’s Gemini Live AI Assistant appeared first on SecurityWeek.
OpenClaw Vulnerability Allowed Websites to Hijack AI Agents
Malicious websites could open a WebSocket connection to localhost on the OpenClaw gateway port, brute force passwords, and take control of the agent.
The post OpenClaw Vulnerability Allowed Websites to Hijack AI Agents appeared first on SecurityWeek.
900 Sangoma FreePBX Instances Infected With Web Shells
The attacks exploited a post-authentication command injection vulnerability in the endpoint manager’s interface.
The post 900 Sangoma FreePBX Instances Infected With Web Shells appeared first on SecurityWeek.
Juniper Networks PTX Routers Affected by Critical Vulnerability
An out-of-band security update for Junos OS Evolved patches the remote code execution vulnerability CVE-2026-21902.
The post Juniper Networks PTX Routers Affected by Critical Vulnerability appeared first on SecurityWeek.
Claude Code Flaws Exposed Developer Devices to Silent Hacking
Anthropic has patched vulnerabilities whose impact was demonstrated by Check Point via malicious configuration files.
The post Claude Code Flaws Exposed Developer Devices to Silent Hacking appeared first on SecurityWeek.
Zyxel Patches Critical Vulnerability in Many Device Models
The issue impacts the UPnP function of multiple device models and could be exploited for remote code execution.
The post Zyxel Patches Critical Vulnerability in Many Device Models appeared first on SecurityWeek.
Trend Micro Patches Critical Apex One Vulnerabilities
TrendAI has fixed eight critical and high-severity issues in Windows and macOS endpoint security products.
The post Trend Micro Patches Critical Apex One Vulnerabilities appeared first on SecurityWeek.
Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers
Already added to CISA’s KEV catalog, the flaw allows attackers to bypass authentication and gain administrative privileges.
The post Cisco Patches Catalyst SD-WAN Zero-Day Exploited by Highly Sophisticated Hackers appeared first on SecurityWeek.
