CSO Online

Open WebUI bug turns ‘free model’ into an enterprise backdoor

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote ...
The Hacker News

Critical AdonisJS Bodyparser Flaw (CVSS 9.2) Enables Arbitrary File Write on Servers

A critical CVSS 9.2 flaw in AdonisJS bodyparser lets attackers write arbitrary files via path traversal when uploads are ...

NordVPN denies breach claims, says attackers have "dummy data"

NordVPN denied allegations that its internal Salesforce development servers were breached, saying that cybercriminals ...

NordVPN denies data breach after hackers claim Salesforce leak — here's everything we know so far

Reports have surfaced of a potential data breach involving NordVPN's Salesforce tools. Here is what the hackers are claiming, ...