The Register on MSN

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ML Python libraries used in Hugging Face models with tens of millions of ...
The Hacker News

âš¡ Weekly Recap: Firewall Flaws, AI-Built Malware, Browser Traps, Critical CVEs & More

Weekly cybersecurity recap covering emerging threats, fast-moving attacks, critical flaws, and key security developments you ...

Hackers breach Fortinet FortiGate devices, steal firewall configs

Fortinet FortiGate devices are being targeted in automated attacks that create rogue accounts and steal firewall ...
The Hacker News

Fake Python Spellchecker Packages on PyPI Delivered Hidden Remote Access Trojan

Two fake spellchecker packages on PyPI hid a Python RAT in dictionary files, activating malware on import in version 1.2.0.
SecurityWeek

aiFWall Emerges From Stealth With an AI Firewall

The big difference between aiFWall and traditional network firewalls is that this is a two way circular defense around the AI ...
Network World

Palo Alto Networks patches firewalls after discovery of a new denial-of-service flaw

A previous virtually identical zero day DoS vulnerability was targeted in the wild, and there's already a PoC for this one.
Bleeping Computer

New Veeam vulnerabilities expose backup servers to RCE attacks

Veeam released security updates to patch multiple security flaws in its Backup & Replication software, including a critical remote code execution (RCE) vulnerability. Tracked as CVE-2025-59470, this ...
Hosted on MSN

US government told to patch serious Gogs security issue or face attack

CISA added Gogs CVE-2025-8110 to its Known Exploited Vulnerabilities catalog Critical symlink bypass enables unauthenticated Remote Code Execution via PutContents API Over 700 Gogs servers compromised ...