Bleeping Computer

Microsoft Self-Service Password Reset abused in Azure data theft attacks

A threat actor targeting Microsoft 365 and Azure production environments is stealing data in attacks that abuse legitimate applications and administration features. Microsoft tracks the actor as Storm ...
VentureBeat

Agent authorization is broken — and authentication passing makes it worse

Anthony Grieco, Cisco’s SVP and chief security and trust officer, did not hesitate when VentureBeat asked whether rogue agent incidents are reaching Cisco’s customer base. "A hundred percent. We see ...
Wired

Thousands of Vibe-Coded Apps Expose Corporate and Personal Data on the Open Web

Companies like Lovable, Base44, Replit, and Netlify use AI to let anyone build a web app in seconds—and in thousands of cases, spill highly sensitive data onto the public internet. Security researcher ...
The Hacker News

Critical cPanel Authentication Vulnerability Identified — Update Your Server Immediately

cPanel has released security updates to address a security issue impacting various authentication paths that could allow an attacker to obtain access to the control panel software. The problem affects ...
The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Summary: Lovable, the $6.6 billion vibe coding platform with eight million users, has faced three documented security incidents exposing source code, database credentials, and thousands of user ...
Infosecurity-magazine.com

Fortinet Releases Emergency Patch After FortiClient EMS Bug Is Exploited

Fortinet customers have been urged to update their FortiClient Enterprise Management Server (EMS) products after the vendor was forced to issue an emergency patch over the weekend. CVE-2026-35616 is a ...
thecyberexpress

FortiClientEMS Vulnerabilities Under Active Exploitation, Expose Systems to RCE

A newly disclosed set of vulnerabilities affecting Fortinet’s endpoint management platform has raised serious concerns among cybersecurity professionals, particularly as both flaws are already being ...
Forbes

New Fortinet Zero-Day Warning—Update Now, Attacks Underway

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Fortinet issues emergency update as zero-day attack confirmed. Updated April 7: Following ...
Biometric Companies

AI agent identity and next‑gen enterprise authentication prominent at RSAC 2026

Passwordless authentication for humans and non-human identities is emerging as a key theme of RSA Conference 2026, with vendors rolling out new hardware, biometric and passwordless technologies ...
Biometric Companies

NIST concept paper explores identity and authorization controls for AI agents

A draft concept paper released by the National Institute of Standards and Technology (NIST) asks industry and government stakeholders how organizations should identify, authenticate and control ...
Geeky Gadgets

Control Claude Code from Your Phone : New Remote Control Feature Setup Guide

The newly released Claude Code remote control feature enables you to manage local coding sessions from anywhere, providing flexibility for developers who need to switch between devices without losing ...