Proton Launches Credential Tokens to Tackle AI Agent Security Gap
A growing tension sits at the heart of enterprise AI deployments: organisations want agents to act autonomously, yet handing over passwords and API keys to…
Latest Cybersecurity News — Page 16
View all →
A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale
A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively…
Apache OFBiz RCE Flaw Abuses Password-Change Restrictions for Authentication Bypass
A critical authentication bypass vulnerability in Apache OFBiz allows attackers to hijack forced password-change flows and achieve remote code execution (RCE) via a single HTTP…
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
A global mobile billing fraud campaign has been targeting Android users by silently subscribing them to expensive premium text services. Zimperium zLabs, which reported this…
Microsoft Defender vulnerabilities exploited in the wild (CVE-2026-41091, CVE-2026-45498)
Attackers are exploiting two Microsoft Defender vulnerabilities (CVE-2026-41091 and CVE-2026-45498), Microsoft acknowledged and CISA confirmed by adding them to its Known Exploited Vulnerabilities catalog. The…
TikTok, YouTube, and Roblox face scrutiny, but age gates won’t fix child safety
A damaging new report from Ofcom, the UK’s communications regulator, has delivered a stark verdict: TikTok and YouTube’s content feeds are “not safe enough” for children.…
When Identity is the Attack Path
Consider a cached access key on a single Windows machine. It got there the way most cached credentials do – a user logged in, and…
Fujitsu finally thrown out of Post Office in £500m Horizon replacement deals
The Post Office is set to sign £500m in contracts that will finally end use of the controversial Horizon system and its supplier, Fujitsu. Accenture…
End-to-End Encryption Expands Across Discord Platform
Discord has officially rolled out end-to-end encryption for all voice and video calls across its platform, marking a major shift in how the company approaches…
MAPO Token Crashes 96% After Cross-Chain Bridge Exploit
The cryptocurrency market witnessed another major security breach this week after the MAPO token collapsed by 96% following an exploit tied to the Butter Network…
Mini Shai-Hulud worm injects disk wiper into Microsoft Azure PyPI package
Supply chain attacks with a Dune sci-fi saga branding continue to spread across the open-source ecosystem, with a Microsoft package being among the latest target…
Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking
Drupal has patched a highly critical vulnerability that could allow threat actors to hack websites powered by the open source content management system (CMS). The…