Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four post-authentication gaps in enterprise IAM that made it possible — and the governance ...
Forbes

Mozilla Issues Firefox System Takeover Security Update

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Update Firefox and Thunderbird now. Mozilla has confirmed a security issue affecting all ...
TechSpot

Unwanted AI upgrade to Windows Notepad created a serious security flaw

The big picture: Microsoft released its latest Patch Tuesday update this week with 59 hotfixes across Windows, Microsoft Office, Azure, and core system components. The update includes patches for six ...
Bleeping Computer

Trend Micro warns of critical Apex One code execution flaws

Japanese cybersecurity software firm Trend Micro has patched two critical Apex One vulnerabilities that allow attackers to gain remote code execution (RCE) on vulnerable Windows systems. Apex One is ...

GlassWorm malware hits 400+ code repos on GitHub, npm, VSCode, OpenVSX

The GlassWorm supply-chain campaign has returned with a new, coordinated attack that targeted hundreds of packages, ...
TechRadar

Google patches first Chrome zero-day of the year - so update now or face attack

Google patches Chrome zero-day CVE-2026-2441, a “use after free” bug in CSS Exploit allowed arbitrary code execution via crafted HTML pages, actively abused in the wild Update to Chrome ...
TechRadar

Apple fixes dangerous zero-day flaw affecting macOS, iOS and more - update now to avoid 'extremely sophisticated attack'

Apple patches zero-day CVE-2026-20700 in Dynamic Link Editor (dyld) Flaw enabled arbitrary code execution, used in sophisticated targeted attacks Fixes released in iOS, iPadOS, macOS, tvOS, watchOS, ...
Infosecurity-magazine.com

Google Warns of In the Wild Exploit as It Patches New Chrome Zero Day

Google has released a security update to patch a newly discovered zero-day in Chrome and the company warned an exploit exists in the wild. The update, published on February 13, was accompanied by an ...

Fake Claude Code Spreads Malware to Windows, macOS Users

Attackers are using fake Claude Code install pages and malicious search ads to spread infostealer malware targeting Windows and macOS systems.
PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
Hosted on MSN

Anthropic Claude Code's security flaws expose devices to silent hacking, triggered from remote code execution; claims report

Security researchers claim to have uncovered three security vulnerabilities in Claude Code, Anthropic’s command-line AI tool. These flaws could have allowed attackers to execute code remotely on a ...