Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
The Hacker News

Obsidian Plugin Abuse Delivers PHANTOMPULSE RAT in Targeted Finance, Crypto Attacks

PHANTOMPULSE spreads via Obsidian plugin abuse in REF6598 campaign, targeting finance and crypto users, bypassing AV controls ...

Sonatype Releases Q1 2026 Open Source Malware Index: Trust Abuse Most Successful Attack Vector

Sonatype®, the leader in AI-driven DevSecOps, today unveiled the Q1 2026 Open Source Malware Index, identifying 21,764 malicious open source packages in the first quarter of the year and bringing the ...
InfoWorld

Hackers exploit Vercel’s trust in AI integration

Compromised Context.ai integration let attackers inherit Vercel employee access and reach internal systems, exposing a ...
CoinDesk

Kelp DAO claims LayerZero’s 'default' settings are what actually caused the massive $290 million disaster

The liquid restaking protocol said the compromised verifier was LayerZero's own infrastructure, and the setup it was faulted ...
The Hacker News

Browser Extensions Are the New AI Consumption Channel That No One Is Talking About

AI browser extensions increase enterprise risk with 60% higher vulnerabilities, bypassing DLP controls and exposing sensitive ...

What Banks Should Know About Emerging Deepfake Detection Frameworks

Financial institutions are rexamining how to manage emerging fraud risks, and deepfake-enabled identity fraud can be particularly complex.
New Electronics

Toshiba begins sampling integrated motor control device for automotive BLDC applications

Toshiba Electronics Europe has started engineering sample shipments of a new automotive motor control device that integrates ...
Morning Overview on MSN

Security researchers warn Anthropic’s Mythos could accelerate hacking

When Anthropic quietly told a small group of cybersecurity firms in early April 2026 that it had built an AI tool capable of ...
Security Boulevard

Lattice-based Cryptographic Integration for MCP Host-Client Communication

Learn how to secure Model Context Protocol (MCP) host-client communication using lattice-based PQC standards like ML-KEM and ML-DSA against quantum threats.