The cybersecurity landscape was recently rocked by the discovery of a critical Remote Code Execution (RCE) vulnerability in Microsoft’s Windows Server Update Services (WSUS) . Identified as CVE-2025-59287 and with a CVSS score of 9.8 (Critical) , this flaw poses a high and immediate risk to organizations using WSUS for centralized update management. The vulnerability is particularly dangerous because it allows a remote, unauthenticated attacker to execute arbitrary code with system privileges on the affected WSUS servers. After Microsoft released an emergency out-of-band patch on October 23, 2025, which was necessary because the initial October patch had not fully addressed the issue,

Generative Artificial Intelligence (GenAI) systems are revolutionizing the way we interact with technology, offering extraordinary capabilities in the creation of text, images, and code. However, this innovation brings with it new risks in terms of security and reliability. One of the main emerging risks is Prompt Injection , an attack that aims to manipulate the model’s behavior by exploiting its linguistic abilities. We will explore the phenomenon of Prompt Injection in a chatbot in detail, starting with the basics of prompts and Retrieval-Augmented Generation (RAG) systems, then analyze how these attacks occur and, finally, present some mitigations to reduce the risk, such