Opinion

Google: China's APT31 used Gemini to plan cyberattacks against US orgs

In the threat-intel group's most recent AI Threat Tracker report, released on Thursday and shared with The Register in advance, Google attributes this activity to APT31, a Beijing-backed crew also ...
Infosecurity-magazine.com

SQL Injection Flaw Affects 40,000 WordPress Sites

More than 40,000 WordPress sites using the Quiz and Survey Master plugin have been affected by a SQL injection vulnerability that allowed authenticated users to interfere with database queries. The ...
Forbes

When AI Agents Turn Against You: The Prompt Injection Threat Every Business Leader Must Understand

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Prompt injection attacks can manipulate AI behavior in ways that traditional cybersecurity ...
SecurityWeek

SAP’s January 2026 Security Updates Patch Critical Vulnerabilities

Enterprise software maker SAP on Tuesday announced the release of 17 new security notes as part of its January 2026 Security Patch Day. Four of the notes address critical-severity vulnerabilities. The ...
SiliconANGLE

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...
techtimes

From Visibility to Validation: How Astra Security Is Redefining Cloud Vulnerability Scanning

Cloud environments are dynamic by design. New identities are created, policies adjusted, and workloads deployed or retired several times a day. Yet many organizations continue to rely on scanning and ...
Infosecurity-magazine.com

UK NCSC Raises Alarms Over Prompt Injection Attacks

Prompt injection vulnerabilities may never be fully mitigated as a category and network defenders should instead focus on ways to reduce their impact, government security experts have warned. Then ...
ZDNet

Use an AI browser? 5 ways to protect yourself from prompt injections - before it's too late

Agentic AI browsers have opened the door to prompt injection attacks. Prompt injection can steal data or push you to malicious websites. Developers are working on fixes, but you can take steps to stay ...
Bleeping Computer

SAP fixes hardcoded credentials flaw in SQL Anywhere Monitor

SAP has released its November security updates that address multiple security vulnerabilities, including a maximum severity flaw in the non-GUI variant of the SQL Anywhere Monitor and a critical code ...
TechCrunch

The glaring security risks with AI browser agents

New AI-powered web browsers such as OpenAI’s ChatGPT Atlas and Perplexity’s Comet are trying to unseat Google Chrome as the front door to the internet for billions of users. A key selling point of ...
Lifehacker

ChatGPT's AI Browser Has a Nasty Security Vulnerability

Jake Peterson is Lifehacker’s Tech Editor, and has been covering tech news and how-tos for nearly a decade. His team covers all things technology, including AI, smartphones, computers, game consoles, ...