Cybernews

Researchers hijack popular AI agents from Anthropic, Google, and Microsoft: vendors choose to stay silent

According to researchers, this is the first public cross-vendor demonstration of a single prompt injection pattern across ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
The Hacker News

April Patch Tuesday Fixes Critical Flaws Across SAP, Adobe, Microsoft, Fortinet, and More

Critical SAP, Adobe, Fortinet, and Microsoft flaws disclosed in April Patch Tuesday, enabling RCE and data theft risks.
Dark Reading

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...
SecurityWeek

SAP Patches Critical ABAP Vulnerability

SAP has released 19 new security notes on its April 2026 security patch day, including one that resolves a critical-severity ...
CSO Online

April Patch Tuesday roundup: Zero day vulnerabilities and critical bugs

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...