320 matches found
PT-2026-32974
Name of the Vulnerable Software and Affected Versions free5GC versions 4.2.1 and earlier Description An improper path validation issue exists in the UDR service. The endpoint 'GET /nudr-dr/v2/application-data/influenceData/influenceId/subscriptionId' is designed to operate only when the influence...
PT-2026-32975
Name of the Vulnerable Software and Affected Versions free5GC UDR service versions prior to 4.2.1 Description An improper path validation issue exists in the UDR service. The handler for creating or updating Traffic Influence Subscriptions checks if the influenceId path segment equals...
PT-2026-32973
Name of the Vulnerable Software and Affected Versions free5GC versions 1.4.2 and earlier Description An improper path validation issue exists in the UDR service. An unauthenticated attacker with access to the 5G Service Based Interface can delete arbitrary Traffic Influence Subscriptions by...
CVE-2026-34747
Payload is a free and open source headless content management system. Prior to version 3.79.1, certain request inputs were not properly validated. An attacker could craft requests that influence SQL query execution, potentially exposing or modifying data in collections. This issue has been patche...
Langflow has Authenticated Code Execution in Agentic Assistant Validation
Description 1. Summary The Agentic Assistant feature in Langflow executes LLM-generated Python code during its validation phase. Although this phase appears intended to validate generated component code, the implementation reaches dynamic execution sinks and instantiates the generated class...
As the US Midterms Approach, AI Is Going to Emerge as a Key Issue Concerning Voters
In December, the Trump administration signed an executive order that neutered states' ability to regulate AI by ordering his administration to both sue and withhold funds from states that try to do so. This action pointedly supported industry lobbyists keen to avoid any constraints and consequenc...
CVE-2026-32015
OpenClaw versions 2026.1.21 up to 2026.2.19 are affected by a path hijacking vulnerability in tools.exec.safeBins that lets an attacker influence gateway process PATH or launch environment to execute trojan binaries with allowlisted names (e.g., jq). The root cause is improper PATH resolution tha...
Canada Needs Nationalized, Public AI
Canada has a choice to make about its artificial intelligence future. The Carney administration is investing $2-billion over five years in its Sovereign AI Compute Strategy. Will any value generated by "sovereign AI" be captured in Canada, making a difference in the lives of Canadians, or is this...
GHSA-6F6J-WX9W-FF4J CpenClaw's ACPX Windows wrapper shell fallback allowed cwd injection in specific paths
Summary On Windows ACPX paths, wrapper resolution for .cmd/.bat could fall back to shell execution in ways that allowed cwd influence to alter execution behavior. Impact In affected Windows ACPX configurations, this could enable command execution integrity loss through cwd-influenced wrapper...
CVE-2026-24790
The underlying PLC of the device can be remotely influenced, without proper safeguards or authentication...
Against the Federal Moratorium on State-Level Regulation of AI
Cast your mind back to May of this year: Congress was in the throes of debate over the massive budget bill. Amidst the many seismic provisions, Senator Ted Cruz dropped a ticking time bomb of tech policy: a ten-year moratorium on the ability of states to regulate artificial intelligence. To many,...
Your Data Might Determine How Much You Pay for Eggs
A newly enacted New York law requires retailers to say whether your data influences the price of basic goods like a dozen eggs or toilet paper, but not how...
Exploring AI in Steganography and Steganalysis: Trends, Clusters, and Sustainable Development Potential
Steganography and steganalysis are strongly related subjects of information security. Over the past decade, many powerful and efficient artificial intelligence AI - driven techniques have been designed and presented during research into steganography as well as steganalysis. This study presents a...
Malicious code in hitachi-poke57 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 7cd985f7f09e39eb34955b27b1fa599790c0c7f5c5ab5eeda540dd3eb1d5902a This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Malicious code in putra-kupang79-breki (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 744b497e36bd18f9ca6aa4a65aea9bb5c622c367d2d75c24e7ebb91dc0fce6ce This package appears to be part of the tea.xyz token reward campaign that flooded npm. These packages typically contain autopublish scripts auto.js,...
Drilling Down on Uncle Sam’s Proposed TP-Link Ban
The U.S. government is reportedly preparing to ban the sale of wireless routers and other networking gear from TP-Link Systems , a tech company that currently enjoys an estimated 50% market share among home users and small businesses. Experts say while the proposed ban may have more to do with...
How High-Tech Finance Companies Turn Innovation Into Influence
Your main rival in the fintech space just raised $20 million in a very successful Series B funding…...
OpenAI Finds Growing Exploitation of AI Tools by Foreign Threat Groups
OpenAI's new report warns hackers are combining multiple AI tools for cyberattacks, scams, and influence ops linked to China, Russia, and North Korea...
AI-Enabled Influence Operation Against Iran
Citizen Lab has uncovered a coordinated AI-enabled influence operation against the Iranian government, probably conducted by Israel. Key Findings A coordinated network of more than 50 inauthentic X profiles is conducting an AI-enabled influence operation. The network, which we refer to as...
EUVD-2020-8166
Malware in sbrugna...