MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal — and don't — about agent runtime protection.

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing Secure Mode protections.

Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in ...

AWS Rex adds runtime guardrails for agentic AI, but security leaders still need data-layer controls to satisfy compliance and ...

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even Microsoft Developer Tools.

PhantomCore exploited three TrueConf flaws since September 2025, enabling remote access and lateral movement across Russian ...

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in Capsule Security's testing, data exfiltrated anyway. Here's what security ...

Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

What's CODE SWITCH? It's the fearless conversations about race that you've been waiting for. Hosted by journalists of color, our podcast tackles the subject of race with empathy and humor. We explore ...

May 2, 2026 • Motherhood in the U.S. is revered. Actual mothers? Not so much. So where's a bedraggled mom to turn when she feels overworked, overwhelmed, and underappreciated? Turns out, momfluencers ...