Microsoft Office Word 0-Day Vulnerability Enables Attackers to Bypass Security Feature

Microsoft has disclosed a zero-day vulnerability in Microsoft Office Word that allows attackers to bypass security protections. Identified as CVE-2026-21514, this security flaw was officially documented on February 10, 2026, and poses significant risks to users worldwide. Vulnerability Overview CVE-2026-21514 is…

Prompt Injection Via Road Signs

Interesting research: “CHAI: Command Hijacking Against Embodied AI.” Abstract: Embodied Artificial Intelligence (AI) promises to handle edge cases in robotic vehicle systems where data is scarce by using common-sense reasoning grounded in perception and action to generalize beyond training distributions…

RU-APT-ChainReaver-L Hijacks Trusted Sites and GitHub in Sweeping Cross-Platform Supply Chain Attack

A newly exposed advanced persistent threat (APT) campaign, tracked as RU-APT-ChainReaver-L, is hijacking trusted file-hosting sites and long-standing GitHub accounts to deliver stealthy malware to Windows, macOS, and iOS users at scale. The campaign abuses popular mirror and file-distribution portals…

Spam and phishing in 2025

The report contains statistics on spam and phishing in 2025, outlining the main trends: phishing and scam QR codes, ClickFix attacks, ChatGPT subscription lures and others. This article has been indexed from Securelist Read the original article: Spam and phishing…

Fortinet Patches High-Severity Vulnerabilities

The bugs could be exploited without authentication for command execution and authentication bypass. The post Fortinet Patches High-Severity Vulnerabilities appeared first on SecurityWeek. This article has been indexed from SecurityWeek Read the original article: Fortinet Patches High-Severity Vulnerabilities