Cybersecurity news from across the internet
Cybersecurity news from across the internet

A flaw in Anthropic's Claude for Chrome browser extension could allow a malicious extension to trigger predefined AI actions by simulating user clicks, potentially allowing it to abuse Claude's access to connected servic…

The number of people who got approval to be in the Federal Rotational Cyber Workforce program was in the single digits, GAO found. The post Program to rotate cyber personnel through federal agencies saw little use appear…





Least privilege for AI agents: Identity, access, and tool binding
[NotCVE-2026-0001] Cloudflare Universal SSL CAA augmentation weakens RFC 8657 account binding — CVE-2026-14440 assigned 163 days after public no-CVE disclosure
Subject: Advisory Submission: EZ Game Booster - Cleartext Storage of Sensitive Credentials (CWE-312)
CVE-2026-56877 - Skillable SCORM userId authorisation bypass
VU#885548: Denial-of-service vulnerability in HTTP/2 servers via stalled flow-control conditions
VU#326070: SGLang contains a vulnerable pickle deserialization vulnerability through the expert-parallel subsystem
CISA Adds Three Known Exploited Vulnerabilities to Catalog
ISC Stormcast For Thursday, July 16th, 2026 https://isc.sans.edu/podcastdetail/10010, (Thu, Jul 16th)
The backlash against Flock cameras is spreading
Trust, Verify, Protect: Modernizing Email Security for the Cloud
Security updates available for Adobe, Chrome, Firefox, VMWare, and Zoom
Samsung backs down on threat to delete health data