Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four post-authentication gaps in enterprise IAM that made it possible — and the governance ...

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.
The Hacker News

GlassWorm Supply-Chain Attack Abuses 72 Open VSX Extensions to Target Developers

GlassWorm campaign used 72 malicious Open VSX extensions and infected 151 GitHub repositories, enabling stealth supply-chain attacks on developers.