Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four ...

VoidStealer malware steals Chrome master key via debugger trick

An information stealer called VoidStealer uses a new approach to bypass Chrome's Application-Bound Encryption (ABE) and ...

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across ...