Spyware-grade Coruna iOS exploit kit now used in crypto theft attacks

A previously undocumented set of 23 iOS exploits named "Coruna" has been deployed by multiple threat actors in targeted ...
Cybernews

AI agents are too easy to fool, with websites now littered with hidden “system override” commands

Researchers at Unit 42, a security arm of Palo Alto Networks, have documented real-world attacks, and they’re as dumb as it gets. Hidden text on websites simply asks AI to “ignore previous ...

Until last month, attackers could've stolen info from Perplexity Comet users just by sending a calendar invite

If you wanted to steal local files from someone using Perplexity's Comet browser, until last month you could just schedule ...
ZDNet

ChatGPT's new Lockdown Mode can stop prompt injection - here's how it works

Hackers use prompt injection to steal the private data you use in AI. ChatGPT's new Lockdown Mode aims to prevent these attacks. Elevated Risk labels warn you of AI tools and content that could be ...
IEEE

Attack Detection of Cyber-Physical Systems With Two-Channel False Data Injection Attacks

Abstract: This paper addresses the attack detection problem for cyber-physical systems subject to false data injection attacks. A novel detection framework is developed for cyber-physical systems ...
Bleeping Computer

Pastebin comments push ClickFix JavaScript attack to hijack crypto swaps

Threat actors are abusing Pastebin comments to distribute a new ClickFix-style attack that tricks cryptocurrency users into executing malicious JavaScript in their browser, allowing attackers to ...
TMCnet

iProov Dynamic Liveness Is the First and Only Solution to Achieve CEN/TS 18099 High and Ingenium Level 4 for Injection Attack Detection

iProov, the world's leading provider of science-based biometric identity verification solutions, today announced that its Dynamic Liveness technology is the first and only solution to successfully ...
winbuzzer.com

Microsoft Patches High-Severity Notepad Remote Code Execution Flaw

Microsoft patched a high-severity command injection vulnerability in Windows Notepad through its February 2026 Patch Tuesday updates that allows attackers to execute malicious code remotely via ...
Newsday

Terrell Campbell, 29, of Brooklyn, charged in Elmont acid attack on Nafiah Ikram

A Brooklyn man has been indicted in the attack of an Elmont college student who was splashed in the face with sulfuric acid in her driveway as she returned home from work almost five years ago, ...
New York Post

Wannabe rapper busted for throwing acid in Long Island college student’s face, boasted about attack in song: officials

A wannabe rapper was busted for a long-unsolved acid attack that left a Long Island college student blind in one eye – after authorities used the hip-hop half-wit’s cringey song lyrics to track him ...
winbuzzer.com

Google Translate’s Gemini Mode is Vulnerable to Prompt Injection

Google Translate can be tricked into generating dangerous content instead of translations through simple prompt injection attacks discovered this week that exploit its Gemini AI foundation. A Tumblr ...