SecurityWeek

Ally WordPress Plugin Flaw Exposes Over 200,000 Websites to Attacks

A vulnerability in the Ally WordPress plugin exposes over 200,000 websites to sensitive information disclosure via SQL queries.
Infosecurity Magazine

Researchers Uncover ‘LeakyLooker’ Vulnerabilities in Google Looker Studio

A set of nine cross-tenant vulnerabilities in Google Looker Studio that could have enabled attackers to extract or manipulate ...
Computer Weekly

Microsoft patches zero-days in .NET and SQL Server

Zero-days in .NET and SQL Server, and a handful of critical RCE bugs, form the nucleus of Microsoft's March Patch Tuesday update.

"LeakyLooker" Discovery Reveals Nine Vulnerabilities in Google Looker Studio, Exposing ...

Tenable Research has uncovered a series of security vulnerabilities in Google Looker Studio, dubbed "LeakyLooker," that allowed attackers to run arbitrary SQL queries on victims’ databases and ...
The Hacker News

ThreatsDay Bulletin: OAuth Trap, EDR Killer, Signal Phishing, Zombie ZIP, AI Platform Hack ...

ThreatsDay: OAuth abuse, Signal hijacks, Zombie ZIP evasion, Teams malware, AI hack, RondoDox botnet, and more cyber stories.
winbuzzer.com

Microsoft March 2026 Patch Tuesday: 84 Fixes, Two Zero-Days, and an AI-Found CVSS 9.8

A fully autonomous AI agent has claimed the top of HackerOne’s bug bounty leaderboard – and this month it submitted a CVSS 9.8 remote code execution flaw to Microsoft via HackerOne that the company ...