Latest news as of 2/16/2026, 6:34:21 AM
Graham Cluley
Over 200,000 websites running a vulnerable version of a popular WordPress plugin could be at risk of being hijacked by hackers. Read more in my article on the Hot for Security blog.
Graham Cluley
In episode 61 of The AI Fix, a robot called DeREK goes bananas, OpenAI, Google DeepMind, and Anthropic warn we may lose the ability to see what AI is thinking, a dextrous robot changes its own batteries, the USA unveils its AI action plan, and a human beats AI to win the World Coding Championship. Also in this week's episode, Graham reveals why you should never ask a vibe coding app to "clean up" your project, and Mark explains why it was handbags at dawn at the International Mathematical Olympiad. All this and much more is discussed in the latest edition of "The AI Fix" podcast by Graham Cluley and Mark Stockley.
Dark Reading
With the right IGA tools, governance policies, and risk thresholds, enterprises can continuously detect and act on rogue access before attackers do.
Bleeping Computer
Microsoft has introduced Copilot Mode, an experimental feature designed to transform Microsoft Edge into a web browser powered by artificial intelligence (AI). [...]
Bleeping Computer
Orange, a French telecommunications company and one of the world's largest telecom operators, revealed that it detected a breached system on its network on Friday. [...]
The Hacker News
A newly emerged ransomware-as-a-service (RaaS) gang called Chaos is likely made up of former members of the BlackSuit crew, as the latter's dark web infrastructure has been the subject of a law enforcement seizure. Chaos, which sprang forth in February 2025, is the latest entrant in the ransomware landscape to conduct big-game hunting and double extortion attacks. "Chaos RaaS actors initiated
Dark Reading
A now-patched authentication issue on the popular vibe-coding platform gave unauthorized users open access to any private application on Base44.
Bleeping Computer
Think passkeys make you phishing-proof? Think again. Attackers are using downgrade attacks, device-code phishing, and OAuth tricks to sneak past modern MFA. See how Push Security shuts them down. [...]
Bleeping Computer
FBI Dallas has seized almost 23 Bitcoins from a cryptocurrency address belonging to a Chaos ransomware member that is linked to cyberattacks and extortion payments from Texas companies. [...]
The Register
5 V-tolerant GPIO opens the way to some intriguing retro-nerdery The Raspberry Pi team has released an update to the RP2350 microcontroller with bug fixes, hardening, and a GPIO tweak that will delight retro hardware enthusiasts.…