Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...

Critical Fortinet Forticlient EMS flaw now exploited in attacks

Attackers are now actively exploiting a critical vulnerability in Fortinet's FortiClient EMS platform, according to threat intelligence company Defused.

GrafanaGhost: The AI That Leaked Everything Without Being Hacked

A newly disclosed vulnerability reveals how AI assistants can become invisible channels for data exfiltration — and why ...

Massive Chrome Extension Scam Exposes 20,000 Users to Data Theft

Researchers linked 108 malicious Chrome extensions to a coordinated campaign that exposed about 20,000 users to data theft, ...
ZDNet

How to share a tiny, perfect link to any Amazon product (there's a magic button)

I wore the world's first HDR10 smart glasses TCL's new E Ink tablet beats the Remarkable and Kindle Anker's new charger is one of the most unique I've ever seen Best laptop cooling pads Best flip ...

108 malicious Chrome extensions found stealing data and injecting ads into every page you visit

Security researchers have uncovered a new coordinated campaign which uses malicious extensions to steal user data and hijack browsing sessions.