Security

2 min read 311 views

OpenClaw 2026.2.23 Patches Critical Vulnerability in World's Most Popular AI Agent Framework

OpenClaw, the open-source AI agent framework with over 215,000 GitHub stars, releases version 2026.2.23 with critical security hardening — patching a remote code execution flaw and adding sandboxed execution for untrusted agent plugins.

Feb 23

3 min read 465 views

Conduent Data Breach Expands to 25 Million Americans in Largest Healthcare-Adjacent Incident

Government technology contractor Conduent's January 2025 ransomware attack has ballooned to affect over 25 million Americans — with Texas alone at 15.4 million, nearly four times the initially disclosed figure — exposing SSNs and medical data.

Feb 22

3 min read 307 views

ThreatDown 2026 State of Malware: Cybercrime Enters the Post-Human Era of Machine-Scale Attacks

The annual ThreatDown report documents a structural shift in the threat landscape: AI agents are removing the human bottleneck from cybercrime, autonomously conducting reconnaissance, harvesting credentials, and generating tailored ransom notes at machine scale.

Feb 22

3 min read 464 views

CamoLeak: Critical GitHub Copilot Flaw Allowed Silent Exfiltration of Private Code and Secrets

A CVSS 9.6 vulnerability in GitHub Copilot Chat combined remote prompt injection with a CSP bypass via GitHub's Camo image proxy, enabling attackers to silently exfiltrate AWS keys and private repository data through hidden markdown comments.

Feb 22

2 min read 565 views

Substack Confirms Data Breach After 100-Day Undetected Access Exposes 700,000 Users

Substack discloses a security incident in which an attacker scraped 697,313 user records over 100 days of undetected access, exposing email addresses, phone numbers, and personal details of the platform's journalists and writers.

Feb 21

2 min read 253 views

Google Patches First Actively Exploited Chrome Zero-Day of 2026

Google patches CVE-2026-2441, a high-severity use-after-free vulnerability in Chrome's CSS component that requires nothing more than visiting a malicious webpage to exploit, affecting over 3 billion Chrome users.

Feb 21

2 min read 267 views

Fortinet Patches Critical SQL Injection Flaw in FortiClientEMS Enabling Unauthenticated RCE

Fortinet discloses CVE-2026-21643 (CVSS 9.1), a critical SQL injection vulnerability in FortiClientEMS 7.4.4 that allows an unauthenticated remote attacker to execute arbitrary commands via crafted HTTP requests.

Feb 21

2 min read 214 views

Under Armour Data Breach: Everest Ransomware Group Leaks 72 Million Customer Records

The Everest ransomware group posts a database of 191 million records containing 72 million unique email addresses stolen from Under Armour, exposing names, dates of birth, purchase histories, and contact details.

Feb 21

3 min read 529 views

Salt Typhoon Expands Beyond the US: Singapore and Norway Telecom Networks Targeted

The Chinese state-sponsored Salt Typhoon threat actor extends its campaign beyond US carriers, hitting four major Singapore telecoms and Norwegian organizations, while the FBI warns the threat remains "very much ongoing."

Feb 20

3 min read 209 views

Microsoft February 2026 Patch Tuesday Fixes Six Actively Exploited Zero-Days

Microsoft's February 2026 Patch Tuesday addresses 58 vulnerabilities including six actively exploited zero-days and five critical flaws, with CVE-2026-21510 and CVE-2026-21513 requiring minimal user interaction.

Feb 20

3 min read 375 views

BeyondTrust CVE-2026-1731: Critical Pre-Auth RCE in Privileged Access Tools Hits CISA KEV

A near-maximum severity CVE-2026-1731 (CVSSv4 9.9) in BeyondTrust Remote Support and Privileged Remote Access allows unauthenticated remote code execution via a trivially simple WebSocket exploit, now actively exploited in the wild.

Feb 20

2 min read 253 views

GitHub Copilot RCE Vulnerability in JetBrains Plugin Patched in February Patch Tuesday

Microsoft's February 2026 Patch Tuesday included a fix for CVE-2026-21516, a command injection flaw in the GitHub Copilot plugin for JetBrains IDEs that allows a network-adjacent attacker to execute arbitrary code.

Feb 19