Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.
The Hacker News

Ivanti, Fortinet, and SAP Release Patches for Multiple Critical Vulnerabilities

Fortinet, Ivanti, and SAP patched critical flaws up to CVSS 10.0, reducing RCE, admin takeover, and data exposure risks.
The Hacker News

Critical Gogs RCE Vulnerability Lets Any Authenticated User Execute Arbitrary Code

A critical security vulnerability has been disclosed in Gogs, a popular open-source self-hosted Git service, that allows an authenticated user to execute arbitrary code under certain conditions. The ...
CSO Online

Enterprises know AI-generated code is vulnerable; they’re shipping it anyway

As AI systems discover and exploit flaws at unprecedented speed, organizations are still deploying software they know ...
TechSpot

Microsoft's June Patch Tuesday fixes a record 200 vulnerabilities, including five being actively exploited

In a nutshell: On the second Tuesday of every month, Microsoft addresses the overall security of its many software products. The Patch Tuesday tradition has continued for more than 20 years, but the ...