Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 ...

Oversecured flagged 1,575 flaws in 10 Android health apps with 14.7M installs, putting chats, CBT notes, and mood logs at risk, per BleepingComputer.

North Korea-linked ScarCruft’s Ruby Jumper uses Zoho WorkDrive C2 and USB malware to breach air-gapped systems for ...

PCWorld reports that Google’s Threat Intelligence Group discovered state-sponsored hackers from Russia and China actively exploiting a critical WinRAR vulnerability (CVE-2025-8088). This security flaw ...

Saks Global, which owns luxury brand Saks Fifth Avenue and its discounted division Saks Off Fifth, is announced a series of leadership changes and a bankruptcy filing, leaving consumers wondering if ...

Microsoft has fixed a vulnerability in its Copilot AI assistant that allowed hackers to pluck a host of sensitive user data with a single click on a legitimate URL. The hackers in this case were white ...

On Monday, Anthropic announced a new tool called Cowork, designed as a more accessible version of Claude Code. Built into the Claude Desktop app, the new tool lets users designate a specific folder ...

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated. A now-fixed critical flaw in the jsPDF library could ...

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...

Even as OpenAI works to harden its Atlas AI browser against cyberattacks, the company admits that prompt injections, a type of attack that manipulates AI agents to follow malicious instructions often ...