Nine “LeakyLooker” flaws in Google Looker Studio allowed cross-tenant SQL access across GCP services before being patched.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

In this interview, law professor Corinna Barrett Lain discusses her book “Secrets of the Killing State,” which exposes the troubling realities behind lethal injection as a method of execution. Lain, a ...

Pfizer said its experimental obesity drug, which it acquired through Metsera, drove solid weight loss when taken once a month in a mid-stage trial. The data offer early evidence that the injection can ...

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries. The ...

GLP-1 medications, such as Ozempic and Wegovy, are injected into the fatty layer beneath the skin to manage blood sugar and aid in weight management. The recommended injection sites include the ...

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...

Saga’s US dollar-pegged stablecoin has dropped to $0.75, while the protocol's total value locked has fallen by around 55% over the past 24 hours. Layer-1 blockchain protocol Saga has paused its ...

Abstract: An increasing number of web application services raises significant security concerns. Online access to these applications exposes them to multiple cyberattacks. The Open Web Application ...

Technical details and a public exploit have been published for a critical vulnerability affecting Fortinet's Security Information and Event Management (SIEM) solution that could be leveraged by a ...

Truebit lost $26 million after a smart-contract overflow bug let an attacker mint tokens at near-zero cost, sending the TRU price down 99%. A $26 million exploit of the offline computation protocol ...

Attackers are actively exploiting a zero-day vulnerability in multiple discontinued D-Link DSL gateway devices to execute arbitrary shell commands on affected products. Most of the gateways under ...