SecurityWeek

Drupal Patches Highly Critical Vulnerability Exposing Websites to Hacking

Drupal has patched CVE-2026-9082, a highly critical vulnerability that could allow threat actors to hack websites.
CSO Online

Drupal admins rushing to patch maximum severity SQL injection vulnerability

Administrators of the Drupal open source content management platform are rushing to install an emergency patch issued today ...
CSO Online

New image-based prompt injection attack targets multimodal AI models

Researchers say the technique can manipulate how vision-language models interpret both images and user prompts.
Biometric Update

KYC in the age of LLMs: Why agent-based ID scanning can ruin your business

The use of agentic orchestration in security-critical workflows without multi-layered defense architecture can lead to ...
Security Boulevard

Benchmarking AI Pentesting Tools: A Practical Comparison

Escape, Shannon, Strix, PentAGI, and Claude against a modern vulnerable application. Learn more about their detection rates, false positive rates, and scanning speed.
VentureBeat

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...
Forbes

Web-Based Video Editor Billed As The Future Of Collaborative Video

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. The browser-based elevate.io is designed for teams to collaborate in the creation of video ...
Forbes

Google Ships WebMCP, The Browser-Based Backbone For The Agentic Web

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Google has shipped WebMCP through Chrome 146 Canary, a new protocol that lets websites ...
Jurist

‘Lethal Injection is Based on the Illusion of Science’: An Interview with Law Professor Corinna Barrett Lain

In this interview, law professor Corinna Barrett Lain discusses her book “Secrets of the Killing State,” which exposes the troubling realities behind lethal injection as a method of execution. Lain, a ...
PC World

Rejoice! Razer Synapse now works on the web, no install needed

Razer has launched a web-based beta version of its Synapse software, allowing users to customize gaming peripherals directly through their browser without installing local software. PCWorld reports ...
Visual Studio Magazine

'VS Code for the Web -- Azure' Adds Faster Entry Points for Browser-Based Cloud Development

Microsoft expanded its browser-based development tooling with recent updates to VS Code for the Web -- Azure, introducing faster entry points for moving AI-generated code into an editable, ...
Infosecurity-magazine.com

Claude Desktop Extensions Vulnerable to Web-Based Prompt Injection

Researchers at Koi Security have found that three of Anthropic’s official extensions for Claude Desktop were vulnerable to prompt injection. The vulnerabilities, reported through Anthropic's HackerOne ...