A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.

With version 1.3.0, Plane receives many important updates: Gitea login, improved interface, and new API endpoints are coming ...

A newly disclosed security flaw in Axios, one of the most widely used HTTP client libraries in the JavaScript ecosystem, has raised concern across software and cloud security teams after official ...

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

Multiple vulnerabilities in the Orthanc DICOM server could be exploited to cause crashes, leak information, or execute ...

A newly disclosed vulnerability reveals how AI assistants can become invisible channels for data exfiltration — and why ...

CISA adds six exploited vulnerabilities, including Fortinet and Exchange flaws, requiring FCEB patching by April 27, 2026.

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

The design flaw in Flowise’s Custom MCP node has allowed attackers to execute arbitrary JavaScript through unvalidated ...

Security researchers have uncovered a new coordinated campaign which uses malicious extensions to steal user data and hijack browsing sessions.

A technical build log of the Multi-Agent Control Room, where AI agents pay invoices, escalate denials, and every action is ...

Threat actors using a previously undocumented phishing-as-a-service (PhaaS) platform called "VENOM" are targeting credentials ...