Security Boulevard

ACFW firewall test prologue – still failing at the basics

The results of our soon-to-be-published Advanced Cloud Firewall (ACFW) test are hard to ignore. Some vendors are failing badly at the basics like SQL injection, command injection, Server-Side Request ...

CISA warns of five-year-old GitLab flaw exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their systems against a five-year-old GitLab vulnerability that is actively being exploited in ...
The Hacker News

CISA Adds Actively Exploited SolarWinds Web Help Desk RCE to KEV Catalog

CISA adds an actively exploited SolarWinds Web Help Desk RCE flaw to KEV, ordering federal agencies to patch by February 2026 ...

DryRun Security Introduces the DeepScan Agent for Rapid, Full-Codebase Security

DryRun Security, the industry’s first AI-native, code security intelligence company, today announced the DeepScan Agent, a new AI-powered capability that delivers full-repository application security ...

Hugging Face Repositories Abused in New Android Malware Campaign

Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of ...
Cryptopolitan

23,000 active hosts, 130 countries: Hackers hijack open-source AI models

About 175,000 private servers are reportedly exposed to the public internet, giving hackers the opportunity to carry out ...