Catch a Baddie Codes (April 2026)

There’s a whole island of baddies out there, and apparently, your job is to catch them all, bring them to your pen, and put ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...