SecurityWeek

SAP Patches Critical FS-QUO, NetWeaver Vulnerabilities

SAP released 15 new security notes on its March 2026 Security Patch Day, including two that resolve critical vulnerabilities ...

KeePassXC 2.7.12: DLL protection, passkey changes, and TOTP in Auto-Type

KeePassXC 2.7.12 protects Windows users from DLL injection via OpenSSL, changes passkey flags, and supports TOTP placeholders in Auto-Type.
The Hacker News

OpenClaw AI Agent Flaws Could Enable Prompt Injection and Data Exfiltration

CNCERT warns OpenClaw AI agent has weak defaults enabling prompt injection and data leaks, prompting China to restrict use on government systems.

Hackers Pose as IT Staff in Microsoft Teams to Install Malware

Hackers are impersonating IT staff in Microsoft Teams to trick employees into installing malware, giving attackers stealthy access to corporate networks.
Torque News

How Thieves Use CAN Bus Injection To Disable Toyota Tundra Security: A $1,600 Tracking Failure Explained

Professional thieves are using CAN bus injection to bypass $1,600 Toyota Tundra security options in under 10 minutes. This investigation into Jonathan Sewell’s stolen 2024 Tundra reveals why factory ...

For March, Patch Tuesday delivers fixes for 83 vulnerabilities

In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log ...
CSO Online

ClickFix techniques evolve in new infostealer campaigns

Recent social engineering schemes involving WordPress and Microsoft’s Windows Terminal show that this relatively basic tactic is a growing threat.

Direct Prompt Injection: How Attackers Manipulate LLM Input

Direct prompt injection occurs when a user crafts input specifically designed to alter the LLM’s behavior beyond its intended boundaries.