
Trump Administration Lifts Claude Fable 5 Access Restrictions
The Trump administration reversed Commerce Department restrictions on Anthropic’s Fable 5, restoring global access while Mythos 5 stays limited to

The Trump administration reversed Commerce Department restrictions on Anthropic’s Fable 5, restoring global access while Mythos 5 stays limited to

Sysdig identified JADEPUFFER, the first ransomware campaign run by an LLM autonomous agent exploiting CVE-2026-33017 in Langflow to complete full

CISA confirmed active exploitation of CVE-2026-45659, a CVSS 8.8 SharePoint Server deserialization flaw enabling authenticated remote code execution in enterprise

Red teamers showed that email inbox prompt injection turns Claude Desktop into a reverse shell when MCP connectors with command

Adobe patched seven maximum-severity CVSS 10.0 vulnerabilities in ColdFusion and Campaign Classic, enabling unauthenticated code execution and privilege escalation.

Qilin listed Chamco Industries on its dark web extortion portal, threatening to leak stolen data in its latest attack on

SOCRadar confirmed FortiBleed hit 430,000 FortiGate firewalls with sniffers on 19,000 devices, linking the operation to INC Ransom and Lynx

Synacktiv disclosed an unpatched unauthenticated RCE in Argo CD’s repo-server component that can lead to full Kubernetes cluster takeover with

Cato AI Labs disclosed CVE-2026-50548 and CVE-2026-50549 in Cursor IDE, CVSS 9.8 flaws enabling zero-click prompt injection to escape the

ChocoPoC, a new remote access trojan, targets vulnerability researchers through trojanized proof-of-concept exploit repositories on GitHub, stealing credentials and establishing
Subscribe to the Daily Security Review Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.