Ecommerce platforms represent one of the most consistently targeted areas of the modern digital estate. They process payment ...

First of four parts Before we can understand how attackers exploit large language models, we need to understand how these models work. This first article in our four-part series on prompt injections ...

A practical MCP security benchmark for 2026: scoring model, risk map, and a 90-day hardening plan to prevent prompt injection, secret leakage, and permission abuse.

Fortinet closes flaws in FortiWeb and FortiManager, allowing command injection, among other things. FortiGate firewalls were ...

Malware is evolving to evade sandboxes by pretending to be a real human behind the keyboard. The Picus Red Report 2026 shows 80% of top attacker techniques now focus on evasion and persistence, ...

OpenAI acquires Promptfoo to embed AI red-teaming and security testing directly into its Frontier agent platform, signaling that agent safety is now table stakes.

The acquisition points to rising demand for tools that test and secure LLMs before they are deployed in enterprise workflows.

Nine “LeakyLooker” flaws in Google Looker Studio allowed cross-tenant SQL access across GCP services before being patched.

Your weekly cybersecurity roundup covering the latest threats, exploits, vulnerabilities, and security news you need to know.

Perenco UK concluded the UK’s first carbon dioxide (CO 2) injection test for carbon capture and storage (CCS) at Project Poseidon in the UK’s Southern North Sea (SNS). The company said the operation ...

A flaw in a widely used artificial intelligence-assisted software development tool allowed attackers to plant hidden instructions. Those commands could steal credentials or delete files on developers' ...