SQLi flaw in Elementor Ally plugin impacts 250k+ WordPress sites

An SQL injection vulnerability in Ally, a WordPress plugin from Elementor for web accessibility and usability with more than 400,000 installations, could be exploited to steal sensitive data without ...

Microsoft Confirms SQL Zero-Day Security Vulnerability—Here’s The Fix

Microsoft has confirmed that a hacker who successfully exploits a zero-day SQL vulnerability could gain system administrator privileges. Here’s how to fix it.
SDxCentral

Splunk suite at threat from remote code execution

Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...

Critical 0-Click Microsoft Excel Security Bug Lets Copilot Steal Data

Excel users are warned to update now, as a critical vulnerability has been confirmed that can lead to “zero-click information ...
The Hacker News

New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries

Nine “LeakyLooker” flaws in Google Looker Studio allowed cross-tenant SQL access across GCP services before being patched.
Medicine Buffalo

How Splunk Works with UB Box

Learn how Splunk works with UB Box, and how to gain access. When a restricted data folder is approved and provisioned, monitoring via Splunk is also established and access to Splunk is given to the ...