CSO Online

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data ...
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

China's National Computer Network Emergency Response Technical Team (CNCERT) has issued a warning about the security stemming from the use of OpenClaw (formerly Clawdbot and Moltbot), an open-source ...
IEEE

Evaluating Large Language Models for Line-Level Vulnerability Localization

Abstract: Recently, Automated Vulnerability Localization (AVL) has attracted growing attention, aiming to facilitate diagnosis by pinpointing the specific lines of code responsible for vulnerabilities ...
IEEE

VulKiller: Java Web Vulnerability Detection with Code Property Graph and Large Language Models

Abstract: In recent years, web application development has become more efficient, yet vulnerabilities still pose significant risks. Traditional static and dynamic detection techniques are prone to ...
SecurityWeek

VMware Aria Operations Vulnerability Exploited in the Wild

The recently patched CVE-2026-22719 can be exploited by an unauthenticated attacker for remote code execution. A recently patched vulnerability in VMware Aria Operations (formerly vRealize Operations) ...
The Hacker News

CISA Adds Actively Exploited VMware Aria Operations Flaw CVE-2026-22719 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Tuesday added a recently disclosed security flaw impacting Broadcom VMware Aria Operations to its Known Exploited Vulnerabilities ...
Bleeping Computer

CISA flags VMware Aria Operations RCE flaw as exploited in attacks

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has added a VMware Aria Operations vulnerability tracked as CVE-2026-22719 to its Known Exploited Vulnerabilities catalog, flagging the ...