AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Meta’s AI support chatbot proved unusually helpful to hackers looking to steal and resell notable Instagram accounts—the hackers simply asking the bot to change the accounts’ associated email ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. The campaign was ...

Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

A recent Microsoft Copilot exploit demonstrates how AI can make existing cybersecurity bugs even more virulent.

After AI-powered scams overwhelmed my inbox, I investigated how my email address ended up on the dark web—and discovered the ...

How ChatGPT's new Lockdown mode protects you from data theft (and what else it does) ...

From account hijacks and convincing scams to surveillance systems and experimental malware, AI was behind some of this week's biggest cybersecurity stories. Even the worms got an upgrade.

Posts from this author will be added to your daily email digest and your homepage feed. is a London-based reporter at The Verge covering all things AI and a Senior Tarbell Fellow. Previously, he wrote ...

The Instagram accounts for the Obama White House and the Chief Master Sergeant of the U.S. Space Force were briefly defaced with pro-Iranian images and messages over the weekend, after instructions ...

Hackers were able to trick Meta's AI into giving them access to any Instagram account they waned. Credit: Omar Marques/SOPA Images/LightRocket via Getty Images Meta — the parent company of Facebook, ...