CSO Online

Claude in Chrome is taking orders from the wrong extensions

Security researchers warn that Anthropic’s Claude in Chrome extension can be abused by malicious extensions that exploit ...

CERT-In Warns of WhatsApp Flaws That Could Enable Cyber Attacks

India’s cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has warned users about several security ...

Palo Alto warns of critical firewall flaw, tells users a patch is on the way

Risks can be mitigated through settings, while Palo Alto works on a patch.
Tech.eu

Meet the French startup fixing the guardrail gap holding enterprise AI back

As Europe pushes for sovereign AI infrastructure, Giskard is securing enterprise AI agents against manipulation, unsafe ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
InfoWorld

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
InfoQ

Inside Claude Code Auto Mode: Anthropic’s Autonomous Coding System with Human Approval Gates

Anthropic has introduced auto mode in Claude Code, enabling multi-step software development workflows with reduced manual ...

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
Morning Overview on MSN

SharePoint zero-day CVE-2026-32201 allows remote code execution with no privileges required — 1,300+ servers still exposed

A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 ...
The Hacker News

Linux Kernel Dirty Frag LPE Exploit Enables Root Access Across Major Distributions

Dirty Frag exposes Linux systems to root escalation through chained kernel flaws, impacting Ubuntu, RHEL, Fedora, and others.
People

The 2026 Met Gala Theme and Dress Code, Explained

The star-studded event — where the dress code is "Fashion is Art" — will take place tonight at the Metropolitan Museum of Art Catherine Santino is a Style Writer-Reporter at PEOPLE. She began ...