32% of exploited vulns are 10+ years old.
Legacy exposure + instant exploit weaponization = dual risk.
Are we underestimating technical debt?
Source: https://www.helpnetsecurity.com/2026/03/24/enterprise-vulnerability-exploitation-cybersecurity-threats/
Follow TechNadu
#Infosec #Cybersecurity #Vulnerabilities
Apple security releases - Apple Support

This document lists security updates and Rapid Security Responses for Apple software.

Apple Support
OpenClaw is a Security Nightmare Dressed Up as a Daydream | Composio

Composio content pages powered by our CMS, including tutorials, product updates, and guides.

Trivy Security incident 2026-03-19 · aquasecurity trivy · Discussion #10425

UPDATES: Additional images 0.69.5, 0.69.6 were pushed to aqusec/trivy on DockerHub. See the updated tables for details. At the moment, updates to our databases (vuln-list*, trivy-db and trivy-java...

GitHub

[ Blog ] Veeam v12.3.2.4165 #patch

Veeam has released a new Veeam v12.3.2.4165 patch to resolve some security vulnerabilities.

Installing this patch is strongly recommended to mitigate potential critical security risks.

 
Resolved vulnerabilities
This patch addresses the following vulnerabilities:

CVE-2025-48982 - Severity: High | CVSS v3.1 http://rviv.ly/1VBD34 #CVE #CVE #CVE #vulnerabilities

Our pentest professionals at #usdHeroLab identified several vulnerabilities in #KofaxCommunicationServer (KCS) and in the #ArcGIS scripting language Arcade ranging from path traversal to XSS.

All #vulnerabilities were responsibly reported to the vendors.

👉 Details on our #SecurityAdvisories can be found here: https://www.usd.de/en/security-advisories-kofax-communication-server-arcgis-arcade/

#Kofax #InfoSec #CyberSecurity #Pentesting #AppSec #Hacking

Security Advisories: Kofax Communication Server & ArcGIS | usd AG

Our penetration testing professionals have identified critical vulnerabilities in Kofax Communication Server and ArcGIS Arcade. Learn more here.

more security. usd AG

Hacking a Robot Vacuum

Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around the world.
The I... https://www.schneier.com/blog/archives/2026/03/hacking-a-robot-vacuum.html

#InternetofThings #vulnerabilities #Uncategorized

Hacking a Robot Vacuum - Schneier on Security

Someone tries to remote control his own DJI Romo vacuum, and ends up controlling 7,000 of them from all around the world. The IoT is horribly insecure, but we already knew that.

Schneier on Security

So I have a habit of running the latest versions of #ChromeCanary and #FirefoxNightly just because I don't want to fall behind on #SecurityUpdates, to test for #compatibility and other issues and to stay ahead of any #vulnerabilities in my #browser because I store a lot of #passwords locally in my profiles among other information that I don't #sync online.

Well, lately, every time the browser updates, I keep having to #SignIn to different services like #ChatGPT #Google for #GMail and #Microsoft #Outlook etc.

Nothing changed in my #configuration and I didn't install any #extensions that I know of which would do this.

Ever since #Windows #11 version #29550 came out, this has been a frequent occurrence.

Coincidence?

Researchers disclose vulnerabilities in IP KVMs from four manufacturers https://arstechni.ca/oDfy #vulnerabilities #Security #networks #security #Biz&IT #ipkvms
Researchers disclose vulnerabilities in IP KVMs from four manufacturers

Internet-exposed devices that give BIOS-level access? What could possibly go wrong?

Ars Technica

📢 BSides Luxembourg 2026: Next Session Announced!

HOW TO READ CODE TO FIND VULNERABILITIES (2h Workshop) with Louis Nyffenegger (@snyff), 6 May

The industry needs more security code reviewers. Vulnerabilities are getting deeper, not simpler, and modern applications fail in subtle ways that scanners, and even AI, routinely miss. Meanwhile, developers are writing less code and reviewing more of it than ever (hopefully).

This workshop is a fast, hands-on introduction to reading code with a security mindset. Through real CVE-inspired examples, you’ll see how tiny inconsistencies, misplaced assumptions, and misunderstood framework behaviour turn into real, exploitable flaws. You’ll learn how to detect red flags quickly, identify dangerous patterns in small snippets, and build intuition for where vulnerabilities hide. Whether you’re a developer, pentester or security engineer, you’ll walk away with a foundational methodology for performing clear, consistent, and reliable code reviews.

Led by Louis Nyffenegger: PentesterLab founder, appsec expert (ex-National Bank of Australia, Australia Post, Fitbit), DEFCON/Kawaiicon/BSides speaker, AppSecSchool YouTuber https://pretalx.com/orga/event/bsidesluxembourg-2026/speakers/CZM8Q8/
📅 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
🗓️ Schedule link: https://pretalx.com/bsidesluxembourg-2026/schedule/

#BSidesLuxembourg2026 #CodeReview #Vulnerabilities #Security