OpenAI violated Canadian privacy laws in developing first ChatGPT model, probe finds

AI company collected personal information without adequate safeguards and valid consent, but has since addressed major ...
InfoWorld

Supply-chain attacks take aim at your AI coding agents

A North Korean APT has crafted malicious software packages to appeal to AI coding agents, while ‘slopsquatting’ shows the ...
Accountants Daily

APRA’s governance letter wasn’t written for accountants – read it anyway

APRA's AI governance letter to banks, insurers and super funds could also have implications for accounting firms that have ...

Foreign actors exploiting Alberta separatist debate to stoke discord, researchers say

A separatist convoy gathers in Edmonton on Monday. Alberta’s proposed referendum on independence is being targeted by foreign ...
Cryptopolitan on MSN

Malicious SAP npm packages target crypto wallet data

Four npm packages linked to SAP's Cloud Application Programming Model were hijacked. The hackers added code that steals ...
Smoky Mountain NewsOpinion

This is not what Waynesville needs

Editor’s note As Tony Dillard notes in this guest column, we’ve printed two other opinion pieces over the last two weeks by ...
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Infosecurity Magazine

Cline Kanban Flaw Lets Websites Hijack AI Coding Agents

Cline is one of the most widely adopted open-source AI coding assistants, and its Kanban feature provides a web-based project ...

PCI DSS Compliance

Data Security Standard (DSS), issued by the PCI Security Standards Council (SSC), which establishes technical and operational ...
The Hacker News

⚡ Weekly Recap: AI-Powered Phishing, Android Spying Tool, Linux Exploit, GitHub RCE & More

Critical cPanel flaw under attack, Copy Fail Linux privilege escalation, TeamPCP supply chain campaign, GitHub RCE & major ...
InfoQ

GitHub Enhances CodeQL with Declarative Security Modeling for Faster, More Flexible Analysis

GitHub has introduced a significant update to its CodeQL engine, enabling developers to define custom sanitizers and ...