The Hacker News

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Nine “LeakyLooker” flaws in Google Looker Studio allowed cross-tenant SQL access across GCP services before being patched.

Opsera Unveils AppSec AI Agents to Power the Shift from traditional SDLC to AI-SDLC

Opsera, the leader in Agentic DevOps, today announced the launch of Opsera AI Agents for DevSecOps, a suite of intelligent, purpose-built agents designed to help enterprises transition from ...
The Hacker News

Critical n8n Flaws Allow Remote Code Execution and Exposure of Stored Credentials

Two critical n8n flaws (CVSS 9.4, 9.5) enable RCE via expression sandbox escape and public forms, risking credential exposure ...
Bleeping Computer

SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...
SecurityWeek

OpenAI Rolls Out Codex Security Vulnerability Scanner

Codex Security, formerly Aardvark⁠, has found hundreds of critical vulnerabilities in tested software in the past month.
InfoWorld

19 large language models redefining AI safety—and danger

Whether you are looking for an LLM with more safety guardrails or one completely without them, someone has probably built it.
Microsoft

Contagious Interview: Malware delivered through fake developer job interviews

The Contagious Interview campaign weaponizes job recruitment to target developers. Threat actors pose as recruiters from crypto and AI companies and deliver backdoors such as OtterCookie and ...
InfoQ

AI-Powered Bot Compromises GitHub Actions Workflows Across Microsoft, DataDog, and CNCF Projects

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
InfoWorld

19 large language models for safety or danger

These new models are specially trained to recognize when an LLM is potentially going off the rails. If they don’t like how an interaction is going, they have the power to stop it. Of course, every ...
Security Boulevard

Operational Technology (OT) penetration testing: Defining, Process and Tools

Operational penetration testing is a process of simulating real-world attacks on OT systems to identify vulnerabilities before cybercriminals can exploit them, either physically or remotely. OT ...
Unite.AI

OpenAI Launches Codex Security To Find Vulnerabilities in Code

OpenAI released Codex Security on March 6, an AI-powered application security agent that scans codebases for vulnerabilities, validates findings in sandboxed environments, and proposes patches. The ...
Game Rant

Sorcerer Ascent Codes (March 2026)

Tom Bowen is a senior editor who loves adventure games and RPGs. He's been playing video games for several decades now and writing about them professionally since 2020. Although he dabbles in news and ...