SecurityWeek

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...

Bluekit phishing kit adopts browser-in-the-middle for login theft

The Bluekit phishing-as-a-service platform continues to evolve with nearly 70 new hostnames identified over the past week and ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
Security Boulevard

When AI Agents Become Bots: A Field Report from the Authentication Layer

Security vendors and their customers have spent considerable time debating where to draw the line between “legitimate” AI agents and “malicious” bots. A 31-day campaign against a major consumer ...

New MCP specification kills old risks but opens fresh attack surfaces, Akamai finds

A major overhaul of the Model Context Protocol due next month removes several longstanding protocol-level security risks but ...
The Caledonian-Record

RSA Help Desk Live Verify Now Verifies Any User or Workflow, With or Without an Authenticator

RSA today announced new RSA Help Desk Live Verify capabilities that stop social engineering attacks by extending coverage for users without a registered authenticator. Announced at Identiverse 2026, ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

FBI Warns Cyber Criminals Are Using Traffic Distribution Systems to Spread Malware, Phishing Scams and Ransomware

FBI warns cyber criminals are using Traffic Distribution Systems to redirect users to phishing sites, malware downloads, ...
Atlanta Magazine

The Difference Between Front-End and Back-End Web Developers

Web developers create functional, appealing websites for users to interact with. Web development is often categorized into ...
The Hacker News

Popular WordPress Plugin Scripts Tampered to Plant Hidden Backdoors on Sites

Tampered JavaScript in three Awesome Motive plugins exposed WordPress sites to rogue admin accounts and hidden backdoors.
Developer Tech

ONLYOFFICE Docs Developer: Secure document editing in your own app

Secure document editing in your own app. ONLYOFFICE Docs Developer equips web applications with secure, latency-free document ...
JD Supra

'Honeypot' Suit Spotlights Nuances of Trade Secret Law

On March 17, 2026, MyCard, Inc. (d/b/a Knot) filed a bombshell complaint in the District of Delaware, alleging that it had caught Atomic FI, ...