SecurityWeek

Mirasvit Vulnerability Exploited to Execute Code on Magento Servers

A flaw in the Full Page Cache Warmer extension can be exploited without authentication via serialized PHP object payloads. The US cybersecurity agency CISA on Wednesday urged federal agencies to ...
Tech Times

SVG Phishing Emails Bypass Email Security: SANS Flags New MIME-Type Evasion

SVG phishing email attacks are bypassing enterprise email security gateways by hiding JavaScript inside image files and ...
The Hacker News

Ghost CMS CVE-2026-26980 Exploited to Hijack 700+ Sites for ClickFix Attacks

Ghost CMS flaw CVE-2026-26980 enabled attacks on 700+ sites, injecting ClickFix malware through fake CAPTCHA pages.
IEEE

Privacy-Encoded Federated Learning Against Gradient-Based Data Reconstruction Attacks

Abstract: Federated learning (FL) enables multiple local clients to collaboratively train a global model, which can reduce privacy leakage by sharing model parameters instead of private datasets.
CSO Online

Internet Explorer may be dead, but its ghost still runs malware

A legacy Windows scripting utility tied to Internet Explorer is still being used in modern malware campaigns, researchers say.
precisionmedicineonline

Encoded Therapeutics' Dravet Gene Therapy Data Suggest Sirolimus May Blunt Benefit

BOSTON – An experimental one-time gene therapy developed by Encoded Therapeutics reduced seizures and improved neurodevelopmental outcomes for children with Dravet syndrome, researchers reported ...