CSO Online

February 2026 Patch Tuesday: Six new and actively exploited Microsoft vulnerabilities addressed

Also today, SAP released 27 new and updated security notes, including two that address critical-severity vulnerabilities. Jonathan Stross, SAP security analyst at Pathway, drew attention to a code ...

10K Claude Desktop Users Exposed by Zero-Click Vulnerability

A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google ...

Anthropic published the prompt injection failure rates that enterprise security teams have been asking every vendor for

Anthropic's Opus 4.6 system card breaks out prompt injection attack success rates by surface, attempt count, and safeguard ...
CSO Online

Critical BeyondTrust RS vulnerability exploited in active attacks

Researchers have detected attacks that compromised Bomgar appliances, many of which have reached end of life, creating problems for enterprises seeking to patch.

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond

These 4 critical AI vulnerabilities are being exploited faster than defenders can respond ...
The Hacker News

Microsoft Patches 59 Vulnerabilities Including Six Actively Exploited Zero-Days

Microsoft patches 59 vulnerabilities, including six actively exploited zero-days, with CISA mandating urgent federal remediation.
Cloud Security Alliance

Logic-Layer Prompt Control Injection (LPCI): A Novel Security Vulnerability Class in Agentic Systems

Explores LPCI, a new security vulnerability in agentic AI, its lifecycle, attack methods, and proposed defenses.
WinBuzzer

Google Translate’s Gemini Mode is Vulnerable to Prompt Injection

Google Translate's Gemini integration has been exposed to prompt injection attacks that bypass translation to generate ...