Researchers discover OpenAI Codex vulnerability involving Unicode characters

Hackers can steal your GitHub tokens through OpenAI’s Codex using nothing more than a sneaky branch name ...
Bleeping Computer

New Aquabotv3 botnet malware targets Mitel command injection flaw

A new variant of the Mirai-based botnet malware Aquabot has been observed actively exploiting CVE-2024-41710, a command injection vulnerability in Mitel SIP phones. The activity was discovered by ...
IT-Online

Command injection vulnerability in ExifTool targets macOS users

Kaspersky’s Global Research and Analysis Team, identified a command injection vulnerability (CVE-2026-3102) in ExifTool, a free, open-source tool used worldwide to read and edit metadata in images, ...