News Anthropic disables Fable 5 and Mythos 5 after U.S. export control directive June 13, 2026 / June 13, 2026 by Alex Mira | Leave a Comment Anthropic has disabled access to Fable 5 and Mythos 5 after a U.S. export control directive tied to national security. Earlier Claude models remain available while the company works on next steps. Read more » AI models Anthropic compliance export controls policy security
News CVE-2026-3300: Active exploits target Everest Forms Pro’s Complex Calculation feature June 7, 2026 / June 7, 2026 by Alex Mira | Leave a Comment CVE-2026-3300 in Everest Forms Pro is under active exploitation. The bug enables unauthenticated remote code execution via the Complex Calculation feature. Update to 1.9.13, audit admin users for “diksimarina,” and review logs for the IPs cited by Wordfence. Read more » CVE-2026-3300 Everest Forms Pro Plugin vulnerability Remote code execution security wordpress
News Security Compromised npm Packages Abuse Hugging Face as Exfiltration Infrastructure June 4, 2026 / June 4, 2026 by Corentin C | Leave a Comment Microsoft Threat Intelligence has warned that compromised npm packages utils-terminal@3.2.1 and logger-active@3.2.1 are deploying the MicrosoftSystem64 RAT. The malware captures keystrokes, screenshots, and crypto wallet credentials while abusing Hugging Face infrastructure as an exfiltration channel. Read more » huggingface MicrosoftSystem64 npm rat security trojan
News CVE-2026-43284: Linux fixes an ESP decryption flaw tied to “Dirty Frag” reports May 11, 2026 / May 11, 2026 by Alex Mira | Leave a Comment Linux has patched CVE-2026-43284 in the xfrm/ESP input path to avoid unsafe in-place decryption on shared fragments. Media link it to the “Dirty Frag” LPE chain, but only parts are confirmed. Here’s what’s known and what to do next. Read more » CVE-2026-43284 ESP IPsec kernel linux security vulnerability
News Security Critical cPanel Vulnerability CVE-2026-41940 Actively Exploited: What Website Owners and Hosting Providers Need to Know May 4, 2026 / May 4, 2026 by Corentin C | Leave a Comment CVE-2026-41940 is a critical cPanel and WHM authentication bypass vulnerability actively exploited in the wild. Learn who is affected, what attackers can do, and how to patch. Read more » cpanel cve cve-2026-41940 security vulnerability web hosting
News Security CVE-2026-31431 (“Copy Fail”): What You Need to Know April 30, 2026 / May 7, 2026 by Corentin C | Leave a Comment CVE-2026-31431 (“Copy Fail”) is a high-severity Linux kernel vulnerability enabling local privilege escalation and container escape. Learn its impact and how to patch or mitigate it effectively. Read more » cve CVE-2026-31431 kernel linux security
Microsoft News Security December Patch Tuesday 2025: A Month of AI Upgrades, UX Polish — and a Quiet Fix to a Long-Running Windows Shortcut Flaw December 6, 2025 / December 6, 2025 by Corentin C | Leave a Comment December Patch Tuesday 2025 brings UI polish, deeper AI integration, a key Servicing Stack update, and a quietly fixed Windows shortcut vulnerability exploited since 2017. Here’s what changed and what security-conscious users should know. Read more » ai CVE-2025-9491 KB5070311 KB5071142 security update windows
AI ChatGPT Atlas: OpenAI’s New Browser Aiming to Redefine Web Use October 22, 2025 / October 22, 2025 by Corentin C | Leave a Comment OpenAI has introduced ChatGPT Atlas, a browser built around its AI assistant to unify navigation, search, and task automation. This article explores its features, privacy implications, and potential impact on the future of web browsing. Read more » ai atlas automation chatgpt openai security web browser
News Security Salesloft Drift OAuth Token Breach Exposes Salesforce and Google Workspace Data September 1, 2025 / September 1, 2025 by Corentin C | Leave a Comment In August 2025, Google Threat Intelligence confirmed a major security incident involving Salesloft Drift. Attackers stole OAuth tokens, exfiltrated Salesforce data, and accessed some Google Workspace accounts. Learn how the breach happened, what data was exposed, and the urgent steps organizations must take to secure their environments. Read more » breach drift google gtig oauth salesforce security
AI Security Brave Exposes Critical Security Flaws in Agentic AI Browsers August 25, 2025 / August 25, 2025 by Corentin C | Leave a Comment Brave has revealed critical flaws in Perplexity’s Comet AI assistant, where hidden instructions on a webpage could trick the browser into leaking emails, passwords, or other sensitive data. The research highlights the growing security and privacy risks of agentic AI browsers, and why stronger protections are urgently needed. Read more » agentic ai brave browser security
