More than 40,000 WordPress sites affected by new malware flaw

A popular WordPress quiz plugin can be abused to mount SQL injection attacks ...
Dark Reading

Google Looker Bugs Allow Cross-Tenant RCE, Data Exfil

Attackers could even have used one vulnerable Lookout user to gain access to other Google Cloud tenants' environments.
Security Info Watch

Tenable Research Exposes “LookOut” Vulnerabilities in Google Looker, Raising Stakes for Self-Hosted Users

Critical remote code execution and database theft flaws highlight patching gaps and the hidden risk inside business ...
Security Boulevard

MCP security: How to prevent prompt injection and tool poisoning attacks

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...
Security Boulevard

Agentic AI and Non‑Human Identities Demand a Paradigm Shift In Security: Lessons from NHIcon 2026

In the race to innovate, software has repeatedly reinvented how we define identity, trust, and access. In the 1990's, the web made every server a perimeter. In the 2010's, the cloud made every ...
The Utah Statesman

Students hack robots, gain confidence in tech

The event — hosted by the USU Student Organization of Cybersecurity, or SOC, and led by the USU Baddies of Tech Club, or BOT ...

Russian-state hackers exploit Office vulnerability to infect computers

Russian-state hackers wasted no time exploiting a critical Microsoft Office vulnerability that allowed them to compromise the ...

Hackers compromise NGINX servers to redirect user traffic

A threat actor is compromising NGINX servers in a campaign that hijacks user traffic and reroutes it through the attacker's ...

I hacked my own computer using OpenClaw and it was terrifyingly easy

Agentic AI tools like OpenClaw promise powerful automation, but a single email was enough to hijack my dangerously obedient ...
SecurityWeek

Security Analysis of Moltbook Agent Network: Bot-to-Bot Prompt Injection and Data Leaks

AI agent social network Moltbook vulnerability exposing sensitive data and malicious activity conducted by the bots.

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
CNET

The Age of Promptware: How AI Hacking Is Threatening the Smart Home, and What to Do

Prompt injections have become one of the biggest emerging threats to the modern home as AI adoption grows. It's a new era of malware -- and one that requires new defenses. Tyler Lacoma Editor / Home ...