Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

A new ClickFix attack variant uses fake CAPTCHA pages instructing victims to paste and execute malicious commands in Windows Terminal.

First of four parts Before we can understand how attackers exploit large language models, we need to understand how these models work. This first article in our four-part series on prompt injections ...

Ecommerce platforms represent one of the most consistently targeted areas of the modern digital estate. They process payment ...

A practical MCP security benchmark for 2026: scoring model, risk map, and a 90-day hardening plan to prevent prompt injection, secret leakage, and permission abuse.

The new attack surface management feature upgrade is designed to help combat alert fatigue by focusing on validated vulnerabilities, allowing security teams to cut through the noise and tackle ...

Democrats are experimenting with a new message casting President Donald Trump’s Cabinet and wealthy allies as the “Epstein class,” an attempt to channel anti-elite anger and recast the president’s ...

In Hawaii, soldiers from the 1st Battalion, 35th Infantry Regiment conduct a first-person view attack drone exercise, using one-way drones to simulate lethal strikes. The training showcases how drone ...

Run a prompt injection attack against Claude Opus 4.6 in a constrained coding environment, and it fails every time, 0% success rate across 200 attempts, no safeguards needed. Move that same attack to ...

This score calculates overall vulnerability severity from 0 to 10 and is based on the Common Vulnerability Scoring System (CVSS). Attack vector: More severe the more the remote (logically and ...