Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
GovInfoSecurity

CrowdStrike Tests Claude Mythos for Vulnerability Detection

CrowdStrike's early testing of Anthropic's new Claude Mythos Preview AI model shows faster vulnerability detection and ...
Futurism on MSN

Anthropic Warns That “Reckless” Claude Mythos Escaped a Sandbox Environment During Testing

"The researcher found out about this success by receiving an unexpected email from the model while eating a sandwich in a ...
Security Boulevard

Claude Mythos and the AI Vulnerability Arms Race – What CISOs Must Know Now

Claude Mythos discovered vulnerabilities that survived 27 years of human review. This technical breakdown covers how it works ...
Homeland Security Today

Securing IoT and ICS Devices Through Deliberate Exposure Testing for eXploits (DETOX)

Internet of Things (IoT) devices are predicted to grow at a phenomenal rate, high enough to require more bandwidth than currently available via current wireless technologies, leading to a requirement ...
CSOonline

Putting AI-assisted ‘vibe hacking’ to the test

Valuable tools for experienced attackers and researchers, LLMs are not yet capable of creating exploits at a prompt, researchers found in a test of 50 AI models — some of which are getting better ...
CSO Online

Patch windows collapse as time-to-exploit accelerates

AI and the industrialization of cybercrime are helping attackers double the number of high- and critical-severity known ...
Bleeping Computer

Exploits for pre-auth Fortinet FortiWeb RCE flaw released, patch now

Proof-of-concept exploits have been released for a critical SQLi vulnerability in Fortinet FortiWeb that can be used to achieve pre-authenticated remote code execution on vulnerable servers. FortiWeb ...
Security Boulevard

46 Vulnerability Statistics 2026: Key Trends in Discovery, Exploitation, and Risk

Vulnerability attacks rose 56% in 2025. Explore 46 statistics on CVE disclosure, exploitation patterns, and industry impact to guide your 2026 security strategy. The post 46 Vulnerability Statistics ...
Bleeping Computer

Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named “Coruna” has been deployed by multiple threat actors in targeted espionage campaigns and financially motivated attacks. The Coruna kit contains ...