Latest news as of 2/15/2026, 7:53:17 AM
The Hacker News
A combination of propagation methods, narrative sophistication, and evasion techniques enabled the social engineering tactic known as ClickFix to take off the way it did over the past year, according to new findings from Guardio Labs. "Like a real-world virus variant, this new 'ClickFix' strain quickly outpaced and ultimately wiped out the infamous fake browser update scam that plagued the web
Dark Reading
In a conversation with Dark Reading's Terry Sweeney, Lauren Miskelly from Google explains that Chrome Enterprise is the same Chrome browser that consumers use, but with additional enterprise-grade controls, reporting capabilities, and administrative features.
The Register
Some pinpointed software nasties but were suspicious of printer drivers too Researchers from the Universities of Guelph and Waterloo have discovered exactly how users decide whether an application is legitimate or malware before installing it – and the good news is they're better than you might expect, at least when primed to expect malware.…
Graham Cluley
In episode 62 of The AI Fix, your hosts learn how AI models smash through CAPTCHA roadblocks like they're made of wet tissue paper - so much for humanity’s last line of defence. Meanwhile, we meet a bottle-flipping robot and call BS on a cartwheeling cyborg, Graham has a full-blown breakdown over traffic light puzzles, and Anthropic hires an AI psychiatry team to figure out why its bots are unhinged. Also: Microsoft helpfully tells us which jobs are toast, Vogue replaces models with AI-generated glam-bots, and a tiny homebrew neural net humiliates the big boys at Sudoku. Plus, Mark explores GEPA — the AI prompt optimiser that politely mutates your questions until they’re 35 times more effective than reinforcement learning. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
The Hacker News
Google has released security updates to address multiple security flaws in Android, including fixes for two Qualcomm bugs that were flagged as actively exploited in the wild. The vulnerabilities include CVE-2025-21479 (CVSS score: 8.6) and CVE-2025-27038 (CVSS score: 7.5), both of which were disclosed alongside CVE-2025-21480 (CVSS score: 8.6), by the chipmaker back in June 2025. CVE-2025-21479
The Register
Wiz Research details flaws in Python backend that expose AI models and enable remote code execution Security researchers have lifted the lid on a chain of high-severity vulnerabilities that could lead to remote code execution (RCE) on Nvidia's Triton Inference Server.…
Bleeping Computer
Can your defenses withstand the biggest attacks of Summer 2025? From Interlock's FileFix to Qilin, Scattered Spider, and ToolShell exploits—simulate them all against your organization's defenses with Picus Security Validation Platform to find gaps before attackers do. [...]
Dark Reading
While the cybercrime underground has professionalized and become more organized in recent years, threat actors are, to a great extent, still using the same attack methods today as they were in 2020.
The Hacker News
Cybersecurity researchers have disclosed a high-severity security flaw in the artificial intelligence (AI)-powered code editor Cursor that could result in remote code execution. The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to the fact that it exploits a quirk in the way the software handles modifications to Model
Check Point Research
By: Andrey Charikov, Roman Zaikin & Oded Vanunu Background Cursor is a developer-focused AI IDE that combines local code editing with large language model (LLM) integrations. Due to its flexibility and deep LLM integration, Cursor is increasingly adopted by startups, research teams, and individual developers looking to integrate AI tooling directly into their development workflow. […] The post appeared first on . CVE-2025-54136 – MCPoison Cursor IDE: Persistent Code Execution via MCP Trust Bypass Check Point Research