Amazon Q Developer Flaw Could Let Malicious Repos Run Code via MCP Configs
Swati KhandelwalJun 26, 2026AI Security / Vulnerability A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud…
Swati KhandelwalJun 26, 2026AI Security / Vulnerability A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer’s cloud…
Metropolitan Police commissioner Mark Rowley has set out the force’s plan to drastically upscale its use of artificial intelligence (AI), live facial recognition (LFR) and…
The Linux Foundation on Thursday announced a new industry effort aimed at efficiently addressing vulnerabilities in the open source software (OSS) ecosystem. Named Akrites, it…
Third-Party Breach at Polymarket Leads to $2.94M Crypto Theft Pierluigi Paganini June 26, 2026 Polymarket confirmed hackers stole funds from some users after attackers injected…
The reporting requirement would also apply to theft or attempted theft of model weights, capabilities that could materially enable offensive cyber operations against important software…
Closing the Loop: Why Reactive Still Matters Modern cloud attacks move at machine speed. And even with the automated, risk-based ConMon and “Secure by Design”…
Polymarket says it will fully reimburse customers who lost an estimated $3 million after hackers injected a malicious script into the platform’s frontend following a…
Anthropic has confirmed that Claude Mythos 5, its most powerful AI cybersecurity model, will be redeployed to a select set of U.S. organizations responsible for…
Hackers have weaponized a WinRAR path-traversal flaw tracked as CVE-2025-8088 to silently plant a Startup shortcut and run a multi-stage PowerShell loader that maps a…
Kaspersky researchers have uncovered a previously unknown cyberattack campaign that has compromised government organizations and software development companies in multiple countries. They first stumbled onto…
A newly discovered cyber attack campaign has been observed delivering a previously undocumented malware family called SharkLoader that acts as a loader for deploying Cobalt…
Evidence of “vulgar and highly sexualised language” was found by an independent investigation into the UK’s former information commissioner John Edwards, leading to his resignation…