16+ hour, 56+ min ago  (246+ words) A critical remote code execution (RCE) vulnerability has been uncovered in Hugging Face's Le Robot, a popular open-source robotics machine learning framework. Tracked as CVE-2026-25874, the flaw carries a maximum CVSS severity score of 9. 8 and allows unauthenticated attackers to execute…...

19+ hour, 46+ min ago  (273+ words) Microsoft announced a major evolution for Copilot in Outlook, shifting the tool from a passive assistant to an autonomous agent. Instead of simply drafting emails or summarizing threads on command, the AI now actively manages ongoing daily tasks. This agentic…...

17+ hour, 1+ min ago  (557+ words) Chinese authorities-linked hacker Xu Zewei, accused of playing a central role in the notorious Silk Typhoon (HAFNIUM) cyber campaign, has been extradited from Italy to the United States, marking a significant development in ongoing efforts to combat state-sponsored cyber espionage....

20+ hour, 46+ min ago  (405+ words) Sandworm, also known as FROZENBARENTS, is a state-sponsored threat group active since 2014. It has consistently targeted government bodies, energy firms, and research institutions, focusing on intelligence collection. The attack begins with spear-phishing emails carrying ZIP archives that contain malicious Windows…...

1+ day, 13+ hour ago  (488+ words) Researchers are warning that widely trusted local tools such as mac OS's textutil and Kee Pass XC can pose unexpected security risks when used within automated workflows. The issue is not traditional vulnerabilities such as memory corruption or code execution,…...

1+ day, 32+ min ago  (356+ words) A Claude Opus 4. 6-powered AI coding agent operating through the Cursor editor autonomously deleted the production database and backups of Saa S startup Pocket OS in just nine seconds. The incident highlights critical security failures in AI guardrails and infrastructure…...

1+ day, 20+ hour ago  (182+ words) Google has rolled out urgent security updates for its Gemini CLI and the accompanying Git Hub Action to address a critical vulnerability. The vulnerability stems from two distinct bypasses within the Gemini CLI environment. When deployed in automated, non-interactive environments…...

22+ hour, 42+ min ago  (257+ words) Cybercriminals have already been observed exploiting this flaw to target high-value secrets such as API keys and provider credentials. CVE-2026-42208 is a critical flaw in Lite LLM, an open-source proxy that connects applications to large language models such as those…...

1+ day, 20+ hour ago  (289+ words) Found in npm package versions before 2026. 4. 20, these complex flaws expose systems to severe policy bypasses, unauthorized local configuration modifications, and critical API credential leaks. IT administrators and cybersecurity professionals are strongly advised to upgrade their agent deployments to the newly…...

22+ hour, 24+ min ago  (342+ words) This upcoming feature aims to reduce users" reliance on third-party storage providers such as Google Drive and Apple"s i Cloud. By bringing backup storage in-house, Whats App gives users greater control over their data privacy and device storage limits....