Microsoft: Critical Security Issue Found in Windows Notepad

Microsoft patches CVE-2026-20841, a high-severity Windows Notepad flaw that could allow code execution via malicious Markdown ...
Microsoft

Running OpenClaw safely: identity, isolation, and runtime risk

Self-hosted agents execute code with durable credentials and process untrusted input. This creates dual supply chain risk, ...
GitHub

Metis: AI-Powered Security Code Review

Metis is an open-source, AI-driven tool for deep security code review, created by Arm's Product Security Team. It helps engineers detect subtle vulnerabilities, improve secure coding practices, and ...
The Washington Post

Homeland Security is targeting Americans with this secretive legal weapon

He had decided that the America he believed in would not make it if people like him didn’t speak up, so on a cool, rainy morning in the suburbs of Philadelphia, Jon, 67 and recently retired, marched ...
FedScoop

ICE drives AI use case growth within Homeland Security

ICE agents leave a residence after knocking on the door on Jan. 28, 2026 in Minneapolis, Minnesota. The U.S. Department of Homeland Security continues its immigration enforcement operations after two ...
ZDNet

Microsoft's latest zero-day patch blocks a viral Office document hack - how to protect your PC ASAP

Microsoft has released a patch to resolve a security flaw in Office. The flaw could let a malicious file attachment infect your PC. Office 2016 and 2019 users must manually update the program.
Dark Reading

Months After Patch, WinRAR Bug Poised to Hit SMBs Hardest

A wide range of adversaries including state-sponsored actors are targeting a vulnerability in popular file extraction software WinRAR that was addressed last year. The vulnerability impacts a wide ...
SecurityWeek

High-Severity Remote Code Execution Vulnerability Patched in OpenSSL

A total of 12 vulnerabilities have been fixed in OpenSSL, all discovered by a single cybersecurity firm. All 12 vulnerabilities patched in the open source SSL/TLS toolkit were discovered by ...
Mashable

Clawdbot AI security risks you need to know before trying it

Yesterday, we wrote about Clawdbot, a new AI personal assistant that's achieved viral status in Silicon Valley. Many AI agents have been criticized for over-promising and under-delivering, but early ...
Bleeping Computer

Fortinet blocks exploited FortiCloud SSO zero day until patch is ready

Fortinet has confirmed a new, actively exploited critical FortiCloud single sign-on (SSO) authentication bypass vulnerability, tracked as CVE-2026-24858, and says it has mitigated the zero-day attacks ...
Infosecurity-magazine.com

Microsoft Releases Patch for Office Zero Day Amid Evidence of Exploitation

A new high-severity zero-day vulnerability in Microsoft Office has been exploited in the wild, according to Microsoft. The tech giant released a patch in a January 26 advisory for the flaw which has ...