ملحق WordPress Ally يحمل ثغرة حقن SQL تهدد 250,000 موقع

Researchers analyzing 10 million web pages have identified 1,748 active API credentials from 14 major providers exposed across nearly 10,000 websites, including those run by banks and healthcare providers. These leaks could enable attackers to access sensitive data or gain control over digital infrastructure. Nurullah Demir of Stanford University described the issue as very significant, affecting even major companies.

22 أبريل، 2026 من إعداد الذكاء الاصطناعي

Microsoft has released an emergency patch for a high-severity vulnerability in its ASP.NET Core framework, affecting macOS and Linux applications. Tracked as CVE-2026-40372, the flaw allows unauthenticated attackers to gain SYSTEM privileges through forged authentication payloads. The company advises immediate updates and key rotation to fully mitigate risks.

Infostealer malware has targeted OpenClaw AI agents for the first time, according to a TechRadar report. The incident highlights vulnerabilities in locally deployed AI systems that store sensitive information. The article was published on February 17, 2026.

3 أبريل، 2026 من إعداد الذكاء الاصطناعي

Developers of the popular AI tool OpenClaw released patches for three high-severity vulnerabilities, including one that allowed attackers with basic pairing privileges to silently gain full administrative control. The flaw, tracked as CVE-2026-33579 and rated up to 9.8 out of 10 in severity, has raised alarms among security experts. Thousands of exposed instances may have been compromised unknowingly.