* Malicious JetBrains Marketplace Plugins Discovered Stealing AI API Keys from Developers

* A Three-Stage Vulnerability Chain Turning Microsoft 365 Copilot Into a Silent Data Exfiltration Weapon

* The Digital Trove: How a Single Hack Exposed One Man’s Entire Life and Why We’re All Vulnerable

* FIFA Bug in World Cup Streaming Infrastructure Opened Door to Remote Takeover

* Passkeys vs Passwords: Readers Debate Whether a Smartphone PIN Can Really Be Safer Than a Complex Password

* GitHub Announces Sweeping npm Security Overhaul to Combat Supply Chain Attacks

* Anthropic Rolls Out Claude Fable 5 in Limited-Time Free Release Before Usage-Based Pricing Kicks In

* OpenClaw AI Agent Found Vulnerable to Phishing Attacks, Leaking Sensitive User Data

* Apple Introduces Automatic Password Changing Feature for Compromised Credentials

* Anthropic Expands Claude Mythos Preview Access to Australian Organisations Through Project Glasswing

* Cybercriminals Exploit ChatGPT Share Links to Distribute Malware Via Fake Outage Pages

* Google Chrome Bolsters Security With Session Cookie Theft Protection for All Users

* Hackers Exploit Meta’s AI Support Bot to Hijack High-Profile Instagram Accounts

* Critical HTTP/2 Bomb Vulnerability Exposes Major Web Servers to Remote Denial-of-Service Attacks