Biometric Update

IAD procurement, testing and deployment criteria clarified by expert panel

The injection attacks powering a wave of digital fraud can be stopped, but not with liveness detection or deepfake detection.
The Hacker News

Cordyceps CI/CD Flaws Expose 300+ GitHub Repositories to Supply-Chain Attacks

Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
SecurityWeek

Lantronix Serial-to-IP Converter Flaw Exploited in Attacks After OT Threat Warning

A vulnerability that can facilitate attacks on operational technology (OT) systems is being exploited in the wild ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...
SecurityWeek

When Information Becomes the Attack Surface – Understanding AI Agent Traps

AI models producing incorrect answers is hardly a threat, until agents encounter information that’s maliciously designed to influence what it sees, believes, remembers, or executes.

Medicare's New $50 Weight-Loss Drug Benefit Starts July 1 - Here's Who Qualifies

Medicare's new GLP-1 Bridge program starts July 1, potentially cutting the cost of select weight-loss drugs to $50 a month ...
Infosecurity Magazine

Researchers Trick AI Browsers Into Leaking Credentials

A range of AI-powered web browsers have been tricked into abandoning their safety guardrails and leaking user data after ...

After Anthropic, Google now lets you build AI agents that control your computer with Gemini 3.5 Flash: Here is how

Google has built Computer Use directly into Gemini 3.5 Flash, following a similar capability Anthropic introduced for Claude.
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...