Unwanted AI upgrade to Windows Notepad created a serious security flaw

According to Microsoft's release notes, the update fixes 25 elevation of privilege flaws, 12 remote code execution ...
The Hacker News

China-Linked Amaranth-Dragon Exploits WinRAR Flaw in Espionage Campaigns

China-linked Amaranth-Dragon and Mustang Panda target Southeast Asian governments using WinRAR exploit and PlugX phishing ...

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
The Hacker News

OpenClaw Bug Enables One-Click Remote Code Execution via Malicious Link

A high-severity OpenClaw flaw allows one-click remote code execution via token theft and WebSocket hijacking; patched in ...
Infosecurity Magazine

New Hacking Campaign Exploits Microsoft Windows WinRAR Vulnerability

A hacking campaign took just days to exploit a newly disclosed security vulnerability in Microsoft Windows version of WinRAR, ...

Notepad's new Markdown powers served with a side of remote code execution

Smug faces across all those who opposed the WordPad-ification of Microsoft's humble text editor Just months after Microsoft added Markdown support to Notepad, researchers have found the feature can be ...

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
CSO Online

CISOs must separate signal from noise as CVE volume soars

FIRST forecasts a record surge in disclosed vulnerabilities in 2026, but security researchers say most will not translate ...

Hugging Face Repositories Abused in New Android Malware Campaign

Attackers exploited Hugging Face’s trusted infrastructure to spread an Android RAT, using fake security apps and thousands of ...
The Fast ModeOpinion

2026 Will Be the Year Defense Must Match the Speed of AI-Powered Offense

The advantage in 2026 won't come from processing more alerts or writing faster signatures, it will come from recognizing ...

How recruitment fraud turned cloud IAM into a $2 billion attack surface

Adversaries weaponized recruitment fraud to steal cloud credentials, pivot through IAM misconfigurations, and reach AI ...

The New Perimeter Is Identity — And It’s Moving Faster Than We Are

As AI shifts from helpful copilot to independent operator, enterprises are discovering that identity—not networks or ...