Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via ...
SecurityWeek

VS Code Configs Expose GitHub Codespaces to Attacks

Attackers can abuse VS Code configuration files for RCE when a GitHub Codespaces user opens a repository or pull request.
CSO Online

Software supply chain risks join the OWASP top 10 list, access control still on top

There were some changes to the recently updated OWASP Top 10 list, including the addition of supply chain risks. But old ...

New Research from UpGuard: 1 in 5 Developers Grant AI Vibe Coding Tools Unrestricted Workstation Access

In using AI to improve efficiency, developers are granting extensive permissions to download content from the web, and read, write, and delete files on their machines without requiring developer ...
Tech Times

Top 5 Best Customer Identity and Access Management (CIAM) Solutions in 2026

Discover the best customer identity and access management solutions in 2026. Compare top CIAM platforms for authentication, ...
SecurityWeek

Vulnerability Allows Hackers to Hijack OpenClaw AI Assistant

OpenClaw patched a critical vulnerability that could be exploited to hijack the increasingly popular AI assistant.

Critical n8n flaws disclosed along with public exploits

Multiple critical vulnerabilities in the popular n8n open-source workflow automation platform allow escaping the confines of ...
Dark Reading

OpenClaw's Gregarious Insecurities Make Safe Usage Difficult

Malicious "skills" and persnickety configuration are just a few issues that security researchers have found when installing the OpenClaw AI assistant.

The Double-Edged Sword of Non-Human Identities

Leaked non-human identities like API keys and tokens are becoming a major breach driver in cloud environments. Flare shows ...
GovInfoSecurity

Zscaler Purchases SquareX to Secure Browsers Without Agents

Zscaler has acquired SquareX to deliver browser security through extensions rather than endpoint agents or stand-alone browsers. CEO Jay Chaudhry said the approach ...

Popular open-source coding application targeted in Chinese-linked supply-chain attack

By AJ Vicens Feb 2 (Reuters) - A Chinese-linked cyberespionage group with a long history hijacked the update process for the ...

Moltbook, the viral social media site for AI bots, contains a ‘lethal trifecta’ for how the agent internet could fail, security researchers say

If toy agents on a Reddit clone can create this much chaos, what happens when agentic systems manage enterprise ...