PCMag

Fake Apps, Fraudulent Emails, and Very Real Hackers: Another Week in the Infosec Trenches

This week saw attacks on Claude Code users, LastPass users, Starlink users, and, perhaps worst of all, people who needed an ambulance. Add a dash of AI hacking, and you have another wild week in ...
Microsoft

Detecting and analyzing prompt abuse in AI tools

Hidden instructions in content can subtly bias AI, and our scenario shows how prompt injection works, highlighting the need for oversight and a structured response playbook.
Krebs on Security

How AI Assistants are Moving the Security Goalposts

AI-based assistants or “agents” — autonomous programs that have access to the user’s computer, files, online services and can automate virtually any task — are growing in popularity with developers ...
Microsoft

Inside Tycoon2FA: How a leading AiTM phishing kit operated at scale

Tycoon2FA has become a leading phishing-as-a-service (PhaaS) platforms, enabling campaigns that reach over 500,000 organizations monthly, prompting Microsoft’s Digital Crimes Unit (DCU) to work with ...

Not just an IT problem: What are retailers still getting wrong about supply chain cyber security?

The supply chain impact was immense, with the retailers experiencing systems going offline, payment disruptions and empty shelves. The financial consequences were also severe, with M&S warning that ...

A Vast Trove of Exposed Social Security Numbers May Put Millions at Risk of Identity Theft

A database left accessible to anyone online contained billions of records, including sensitive personal data that criminals ...
Yahoo

Government Data Breach Sparks Fears Millions May Need New Social Security Numbers

Your Social Security number—that nine-digit key to your entire financial life—might be compromised in what could become the largest government data breach in U.S. history. Whistleblower Charles Borges ...
VentureBeat

Anthropic published the prompt injection failure rates that enterprise security teams have been asking every vendor for

Run a prompt injection attack against Claude Opus 4.6 in a constrained coding environment, and it fails every time, 0% success rate across 200 attempts, no safeguards needed. Move that same attack to ...
HHS

2026 Predictions: AI Is Breaking Identity, Data Security

Artificial intelligence is fundamentally altering organizational workflows and how risk materializes. What once felt experimental is now operational: generative AI in the hands of employees, ...
Ars Technica

Discord faces backlash over age checks after data breach exposed 70,000 IDs

Discord is facing backlash after announcing that all users will soon be required to verify ages to access adult content by sharing video selfies or uploading government IDs. According to Discord, it’s ...
CNBC

Data breaches climbed to a record high in 2025. How to protect your personal information

The number of personal data compromises rose 5% last year — with 3,322 events in 2025 versus 3,152 in 2024 — a record, according to the Identity Theft Resource Center's new annual report. Even federal ...
Bleeping Computer

Viral Moltbot AI assistant raises concerns over data security

Security researchers are warning of insecure deployments in enterprise environments of the Moltbot (formerly Clawdbot) AI assistant, which can lead to leaking API keys, OAuth tokens, conversation ...