Bleeping Computer

Ghost CMS SQL injection flaw exploited in large-scale ClickFix campaign

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...
CSO Online

Microsoft says web-enabled AI agents can trigger host-level RCE

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...

I let Claude audit my messy Home Assistant setup, and it was a massive wake-up call

I gave Claude access to my Home Assistant. It helped me audit, debug, and improve my smart home better than I ever could have ...
The Hacker News

Microsoft Restores Some GitHub Repos, Keeps Others Offline as Miasma Probe Continues

Microsoft confirms it temporarily removed GitHub repos after Miasma worm compromised 73 of its open-source projects to inject ...
InfoWorld

33 LLM metrics to watch closely

Look to these key metrics and benchmarks to evaluate the performance, capability, reliability, and safety of your AI models ...
CEOWORLD magazine

AI Adoption Fails When Leaders Chase Speed Alone

The next software race will reward companies that learn to manage machines instead of merely buying them. Anthropic’s agentic ...
Indianapolis Business Journal

FDA panel backs first-of-its-kind flu vaccine using mRNA technology

The ability to quickly manufacture vaccines that closely match the latest flu strains could prevent thousands of hospitalizations.

Datadog expands observability platform to autonomous AI team colleague

At the DASH conference, Datadog presents new features for autonomous IT operations and AI security with Bits AI SRE, AI Guard ...

7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...