ModSecurity, a widely used open-source web application firewall (WAF), has multiple security vulnerabilities that allow attackers to bypass detection with specially crafted HTTP requests. These vulnerabilities, identified as CVE-2026-52761 and CVE-2026-52747, affect ModSecurity versions up to 3.0.15. They have been addressed in version 3.0.16. These issues reveal significant inconsistencies in input transformation and request parsing, […]
The post ModSecurity Security Flaws Enable WAF Rule Evasion With Crafted HTTP Requests appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

SkillCloak Lets Malicious AI Agent Skills Evade Static Scanners with Self-Extracting Packing
Scanners meant to catch malicious add-on “skills” for AI coding agents can be fooled by a few simple changes that leave the malware working, according


