1147 matches found
CVE-2026-44020 Docling: Unsafe XML Entity Expansion in USPTO Patent Backend
Docling simplifies document processing by parsing diverse formats and providing integrations with the generative AI ecosystem. From 2.13.0 until 2.74.0, the USPTO patent XML parser used the standard xml.sax.parseString without protection against XML External Entity XXE attacks. An attacker could...
CISA Warns Fortinet Customers as FortiBleed Hits 86,644 FortiGate Devices
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday urged Fortinet customers with FortiGate appliances to take steps to secure against ongoing malicious activity aimed at thousands of internet-accessible devices. The sweeping campaign, believed to be the work of...
CVE-2026-54103
The U.S. Government Accountability Office GAO Electronic Protest Docketing System EPDS and Civilian Board of Contract Appeals CBCA Electronic Docketing System EDS does not authenticate password change requests to the '/update-profile/N' API endpoint. A remote, unauthenticated attacker could chang...
Extradited Ukrainian Man Admits Role in Conti Ransomware Attacks
Ukrainian national Oleksii Lytvynenko has pleaded guilty in the US to wire fraud conspiracy linked to Conti ransomware, which hit more than 1,000 victims and generated at least $150 million in ransom payments...
U.S. Orders Anthropic to Suspend Fable 5 and Mythos 5 Access for Foreign Nationals
Anthropic said on Friday it will "abruptly disable" its most advanced artificial intelligence AI models, Claude Fable 5 and Mythos 5 , for all users after the U.S. government ordered it to suspend access to the models for foreign nationals, whether inside or outside the U.S., citing national...
Grok Is Still Hosting Sexualized Deepfakes of Famous Women
A WIRED investigation found dozens of “nudified” deepfake images and videos on Grok's website, including nonconsensual depictions of celebrities and at least one prominent US politician...
CISA Tells US Agencies to Fix Security Bugs in as Little as 3 Days Thanks to AI Threats
“Defenders cannot afford to take weeks to patch,” one Cybersecurity and Infrastructure Security Agency official warned on Wednesday...
Mapping Every Flock License Plate Reader Near US World Cup Stadiums
Most US World Cup stadiums are surrounded by surveillance cameras. Want to know if you’re being watched on your way to a match? These maps will help you...
Multi-Vendor BIOS Security Vulnerabilities (June 2026) - Lenovo Support US
No description provided...
MediaTek Tablet Vulnerabilities, June 2026 - Lenovo Support US
No description provided...
Qualcomm Fastboot UEFI Vulnerabilities - Lenovo Support US
No description provided...
MediaTek WLAN Vulnerabilities - Lenovo Support US
No description provided...
Lenovo LanSchool Classic Vulnerability - Lenovo Support US
No description provided...
Lenovo Accessories and Display Manager for Enterprise for Windows Vulnerability - Lenovo Support US
No description provided...
The Hardest Fork
Mythos is real. I know a big chunk of the industry thinks it's a marketing stunt, and I get why. I get it. But I've seen the findings, and they're bad. These aren't "whoops, this line right here is wrong, and that's RCE." They're novel combinations of a few dozen issues out of thousands of things...
All the Ways Europe Is Ditching American Technology
A WIRED timeline shows how dozens of governments, companies, and other organizations across Europe are moving, or planning to shift, away from US Big Tech...
CISA: CISA and Partners Urge Hardening Automatic Tank Gauge Systems
The Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, the National Security Agency NSA, the Department of Energy DOE, the Environmental Protection Agency EPA, the Transportation Security Administration TSA, the Department of Transportation DOT, and th...
The White House’s Aliens.gov Site Brags That ICE Arrested More Than 700 US Citizens
The website, which compares human beings to extraterrestrials, touts arrest numbers from the Trump administration’s sweeping immigration crackdown. But some of its details are really out there...
Iran’s Nimbus Manticore Used Trojanized Zoom Installers Against US Firms
Iran’s Nimbus Manticore hackers used trojanized Zoom installers to deploy malware against US firms during a wider IRGC linked cyber campaign...
Alleged Kimwolf Botmaster ‘Dort’ Arrested, Charged in U.S. and Canada
Canadian authorities on Wednesday arrested a 23-year-old Ottawa man on suspicion of building and operating Kimwolf , a fast spreading Internet-of-Things botnet that enslaved millions of devices for use in a series of massive distributed denial-of-service DDoS attacks over the past six months...