Kristi Noem ousted as Homeland Security boss after scrutiny over deportation drive

US President Donald Trump says that Republican Senator Markwayne Mullin will replace Kristi Noem as Homeland Security ...

QuickLens Chrome extension steals crypto, shows ClickFix attack

A Chrome extension named "QuickLens - Search Screen with Google Lens" has been removed from the Chrome Web Store after it was ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 ...
CPO Magazine

Security Research Finds OpenClaw AI Agent “Trivially Vulnerable” to Hijacking

The Oasis researchers document a vulnerability chain that can be initiated from any website the AI agent (or its user) visits ...
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...

ClawJacked attack let malicious websites hijack OpenClaw to steal data

Security researchers have disclosed a high-severity vulnerability dubbed "ClawJacked" in the popular AI agent OpenClaw that ...
The Hacker News

Thousands of Public Google Cloud API Keys Exposed with Gemini Access After API Enablement

Research reveals 2,863 public Google API keys can access Gemini endpoints, enabling data exposure and massive billing abuse.
Security Boulevard

N8N: Shared Credentials and Account Takeover

Executive Summary We identified a security weakness in n8n’s credential management layer that could have completely ...
SecurityWeek

OpenClaw Vulnerability Allowed Websites to Hijack AI Agents

An OpenClaw vulnerability allowed malicious websites to take over AI agents, exposing sensitive information and enabling data ...
CPO Magazine

Researchers Warn Benign Google API Keys Could be Exploited to Rack Up Gemini AI Bills

Researchers with Truffle Security are warning that old and seemingly benign Google API keys might now be weaponized by threat ...

AI Agents Broke Your Security Stack. Here’s What Comes Next

Shreyans Mehta is the cofounder and CTO of Cequence Security, a pioneer of unified application and API protection.

Iran wants this conflict to spread but may there be another tactic - more fearsome and intimidating

Some wars start slowly while others spring to life at speed. This one is racing, transforming nations, politics and loyalties ...