Flaws in Popular Software Development App Extensions Allow Data Exfiltration
Four serious new vulnerabilities affect Microsoft Visual Studio Code, Cursor and Windsurf extensions, three of which remain unpatched
General
20 articles
Researchers Reveal Six New OpenClaw Vulnerabilities
Endor Labs has published details of six new vulnerabilities in popular AI assistant OpenClaw
Is Poshmark safe? How to buy and sell without getting scammed
Like any other marketplace, the social commerce platform has its share of red flags. It pays to know what to look for so you can shop or sell without headaches.
Smashing Security podcast #455: Face off: Meta’s Glasses and America’s internet kill switch
Could America turn off Europe's internet? That’s one of the questions that Graham and special guest James Ball will be exploring as they discuss tech soverei...
OneClaw: Discovery and Observability for the Agentic Era
Prompt Security from SentinelOne turns hidden agent activity into clear, actionable governance intelligence with the release of OneClaw.
Carelessness versus craftsmanship in cryptography
Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bug...
Dutch police arrest man for “hacking” after accidentally sending him confidential files
Police in The Netherlands say they have arrested a 40-year-old man on suspicion of hacking..
Shadow Agents: How SentinelOne Secures the AI Tools That Act Like Users
SentinelOne secures AI from infrastructure to agents, delivering visibility, governance, and control at scale.
Android 17 Beta Introduces Secure-By-Default Architecture
Android 17 Beta introduces privacy, security updates and a new Canary channel for improved development
Apple Expands RCS Encryption and Memory Protections in iOS 26.4
iOS 26.
Securing the Agentic Endpoint
Secure the Agentic Endpoint. Traditional security misses the risk of AI agents.
Over-Privileged AI Drives 4.5 Times Higher Incident Rates
Teleport study reveals that organizations running over-privileged AI have a 76% incident rate
Introducing Unit 42 Managed XSIAM 2.0
Unit 42 Managed XSIAM 2.0 delivers a 24/7 managed SOC with continuous detection, investigation, and full-cycle remediation.
Is it OK to let your children post selfies online?
When it comes to our children’s digital lives, prohibition rarely works. It’s our responsibility to help them build a healthy relationship with tech.
Building an AI-powered defense-in-depth security architecture for serverless microservices
March 10, 2026: This post has been updated to note that Amazon Q Detector Library describes the detectors used during code reviews to identify security and q...
Vulnerabilities in Password Managers Allow Hackers to View and Change Passwords
Security researchers have challenged end-to-end encryption claims from popular commercial password managers
SMEs Wrong to Assume They Won’t Be Hit by Cyber-Attacks, NCSC Boss Warns
NCSC’s Richard Horne has warned that cybercriminals do not care about business size and called for SMEs to act now to secure their organizations
Crypto Payments to Human Traffickers Surges 85%
Chainalysis warns that online fraud is fuelling sophisticated human trafficking operations
Network Intelligence: Your Questions, Global Answers
Learn how network intelligence gives security teams control over threat investigation with global visibility—no more drowning in generic, passive threat feeds.
Munich Security Conference: Cyber Threats Lead G7 Risk Index, Disinformation Ranks Third
G7 countries ranked cyber-attacks as the top risk, while BICS members placed cyber threats only as the eighth most pressing risk