The first vulnerability, CVE-2026-49200, is a broken access control flaw that allows unauthenticated attackers to access plaintext credentials from log archives, potentially leading to unauthorized system access.
Tag: Broken
AI, Global Security News, malware
⚡ Weekly Recap: Fast16 Malware, XChat Launch, Federal Backdoor, AI Employee Tracking & More
Everything is dumb again. This week feels broken in a very familiar way. Old tricks are back. New tools are doing shady crap. Supply chains got hit. Fake help desks worked. Weird research showed how easy some attacks still are. Most of it feels like stuff we should have fixed years ago. Bad extensions. Stolen…
AI, Cybersecurity, Global Security News
Smashing Security podcast #463: This AI company leaked its own code. It’s also built something terrifying
A hacking group claims to have broken into the flood defence system protecting Venice’s Piazza San Marco – and is offering to sell access to whoever wants it. The asking price? A frankly insulting $600. Meanwhile, Anthropic accidentally leaked the source code for Claude Code via a basic packaging mistake. Oh, and by the way,…
AI, Global Security News
Apple worst, Asus best for laptop repairability
Broken laptops are not becoming easier to fix, despite the availability of public data about their repairability and growing support for right-to-repair legislation. That’s according to US PIRG Education Fund, a consumer protection nonprofit. Its fifth annual Failing to Fix survey found Asus to be the most repairable laptop brand — although its score dropped…
AI, Global Security News
BP Pulse brings EV charging power to Melbourne Airport
bp pulse has broken ground to build its first large-scale Electric Vehicle (EV) charging hub in Australia, with 24 charging bays at Melbourne Airport planned for completion in 2026.
Global Security News
Live Nation Reaches Settlement in Federal Antitrust Case
The move spares the concerts-and-ticketing giant from the threat of its business being broken up.
Global Security News, Venture
Fig Security emerges from stealth with $38 million to resilience-proof enterprise security
Fig Security, a new platform that finds and fixes broken security flows across your entire SecOps infrastructure, has launched from stealth with $38 million across Seed and Series A rounds. It addresses one of the least visible challenges yet most consequential in enterprise security: the quiet breakdown of security operations as environments grow more complex.…
AI, Apps, Endpoint, Exploits, Global Security News, Risk Management
Everyone Knows About Broken Authorization – So Why Does It Still Work for Attackers?
Broken authorization is one of the most widely known API vulnerabilities. It features in the OWASP Top 10, AppSec conversations, and secure coding guidelines. Broken Object Level Authorization (BOLA) and Broken Function Level Authorization (BFLA) account for hundreds of API vulnerabilities every quarter. According to the 2026 API ThreatStats report, authorization issues ranked ninth in…