SAP Patchday: One critical SQL injection vulnerability – and 18 others

On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
The Hacker News

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical SAP, Adobe, Fortinet, and Microsoft flaws disclosed in April Patch Tuesday, enabling RCE and data theft risks.

Microsoft: Third-Party Android Vulnerability Leaves Over 50M Users Exposed

A flaw in the EngageLab SDK exposed 50 million Android users, allowing malicious apps to exploit trusted permissions and ...

Gas Town controls what automated agents are allowed

Gas Town 1.0.0 orchestrates multi-stage development workflows, hardens agent security, and supports Windows for the first ...
The Hacker News

CISA Adds 6 Known Exploited Flaws in Fortinet, Microsoft, and Adobe Software

CISA adds six exploited vulnerabilities, including Fortinet and Exchange flaws, requiring FCEB patching by April 27, 2026.

Researchers detail how a prompt injection attack bypassed Apple Intelligence protections

A now corrected issue let researchers circumvent Apple’s restrictions and force the on-device LLM to execute ...

On-device Apple Intelligence vulnerable to prompt injection techniques

Apple Intelligence's on-device AI can be manipulated by attackers using prompt injection techniques, according to new ...