W3 Total Cache WordPress plugin vulnerable to PHP command injection

WordPress plugin can be exploited to run PHP commands on the server by posting a comment that contains a malicious payload.
CSO OnlineOpinion

Fortinet criticized for ‘silent’ patching after disclosing second zero-day vulnerability in same equipment

CISA has ordered agencies to patch the FortiWeb web application firewall within seven days after news of exploits emerged.

Second-order prompt injection can turn AI into a malicious insider

The task is automatically passed to a higher-privileged “Data Retrieval Agent”, which interprets the request as legitimate ...