Microsoft

WhatsApp malware campaign delivers VBS payloads and MSI backdoors

A malware campaign uses WhatsApp messages to deliver VBS scripts that initiate a multi-stage infection chain. The attack ...
The Hacker News

Critical Langflow Flaw CVE-2026-33017 Triggers Attacks within 20 Hours of Disclosure

Langflow CVE-2026-33017 exploited in 20 hours after disclosure, enabling RCE via exec(), exposing systems before patching ...
TechSpot

A stolen Gemini API key turned a $180 bill into $82,000 in two days

AI Economy: A team of three developers in Mexico is facing a roughly 455× increase in monthly AI service expenses after an API key associated with their project was allegedly compromised. The key was ...
Lifehacker

This Free Script Disables Every AI Feature in Windows 11

Tired of all the Microsoft AI slop? You can remove it entirely. Some people love AI. If you're not one of them (or if you have a favorite AI tool that isn't baked into it), using Windows 11 can feel ...
Dark Reading

Browser Extension Harvests 8M Users' AI Chatbot Data

A popular browser extension that acts as a VPN to protect users' privacy is actually harvesting and facilitating the sale of data from conversations with AI chatbot assistants. While versions previous ...
SDxCentral

OpenAI API breached after old fashioned phishing campaign exposes user details

AI giant OpenAI has revealed its API metadata was exposed in a security breach. A phishing incident at third-party data analytics provider Mixpanel compromised user details, including names, email ...
SiliconANGLE

Mixpanel breach compromises some OpenAI API users’ account data

A breach at data analytics provider Mixpanel Inc. has compromised the account information of some OpenAI Group PBC users. The ChatGPT developer disclosed the incident on Wednesday. Mixpanel’s namesake ...
Infosecurity-magazine.com

OpenAI Warns of Mixpanel Data Breach Impacting API Users

OpenAI has informed its application programming interface (API) users that some of their data may have been exposed in a breach impacting Mixpanel, a data analytics supplier. In a November 26 blog ...
wjactv

PA DHS addresses ongoing contract dispute between Martella's Pharmacies & Express Scripts

CAMBRIA COUNTY, Pa (WJAC) — The Pennsylvania Department of Human Services (DHS) has clarified its role in the ongoing legal battle involving Martella's Pharmacy and Express Scripts. The dispute began ...
VentureBeat

OpenAI is ending API access to chatgpt-4o-latest in February 2026

OpenAI has sent out emails notifying API customers that its chatgpt-4o-latest model will be retired from the developer platform in mid-February 2026. Access to the model is scheduled to end on ...
Bleeping Computer

Fortinet FortiWeb flaw with public PoC exploited to create admin users

A Fortinet FortiWeb path traversal vulnerability is being actively exploited to create new administrative users on exposed devices without requiring authentication. The issue is fixed in FortiWeb ...