TechRepublic

Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files

Perplexity AI Browser Flaw Could Let Calendar Invites Access Local Files Your email has been sent A security flaw in Perplexity’s AI-powered Comet browser could ...
winbuzzer.com

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft patched a high-severity command injection vulnerability in Windows Notepad through its February 2026 Patch Tuesday updates that allows attackers to execute malicious code remotely via ...
TechSpot

Unwanted AI upgrade to Windows Notepad created a serious security flaw

The big picture: Microsoft released its latest Patch Tuesday update this week with 59 hotfixes across Windows, Microsoft Office, Azure, and core system components. The update includes patches for six ...
VentureBeat

Infostealers added Clawdbot to their target lists before most security teams knew it was running

Clawdbot's MCP implementation has no mandatory authentication, allows prompt injection, and grants shell access by design. Monday's VentureBeat article documented these architectural flaws. By ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

A set of three security vulnerabilities has been disclosed in mcp-server-git, the official Git Model Context Protocol (MCP) server maintained by Anthropic, that could be exploited to read or delete ...
Dark Reading

More Problems for Fortinet: Critical FortiSIEM Flaw Exploited

The year has barely begun, but 2026 is already in familiar territory for Fortinet customers, as a new vulnerability has come under attack. On Jan. 13, Fortinet disclosed a critical flaw in its ...
GitHub

seacms v 13.2 admin_manager.php SQL injection vulnerability

We used delayed injection to prove the vulnerability exists. The path zqbmkk is the backend login path automatically assigned by the system during the initial installation, and it is unique for each ...
USA Today

Is Saks closing stores? What we know amid CEO changes, bankruptcy

Saks Global, which owns luxury brand Saks Fifth Avenue and its discounted division Saks Off Fifth, is announced a series of leadership changes and a bankruptcy filing, leaving consumers wondering if ...
CSOonline

Critical jsPDF vulnerability enables arbitrary file read in Node.js deployments

The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated. A now-fixed critical flaw in the jsPDF library could ...
The Hacker News

Critical LangChain Core Vulnerability Exposes Secrets via Serialization Injection

A critical security flaw has been disclosed in LangChain Core that could be exploited by an attacker to steal sensitive secrets and even influence large language model (LLM) responses through prompt ...
SiliconANGLE

Critical ‘LangGrinch’ vulnerability in langchain-core puts AI agent secrets at risk

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a recently uncovered critical vulnerability on langchain-core, the foundational library behind ...