Meta's rogue AI agent passed every identity check — four gaps in enterprise IAM explain why

A rogue AI agent at Meta exposed sensitive internal data despite passing every identity check. Here are the four post-authentication gaps in enterprise IAM that made it possible — and the governance ...
The Hacker News

Trivy Supply Chain Attack Triggers Self-Spreading CanisterWorm Across 47 npm Packages

CanisterWorm infects 28 npm packages via ICP-based C2, enabling self-propagation and persistent backdoor access across developer systems.

Researchers Uncover New Phishing Risk Hidden Inside Microsoft Copilot

Researchers reveal how Microsoft Copilot can be manipulated by prompt injection attacks to generate convincing phishing messages inside trusted AI summaries.