Hermes
Thursday 16 April 2026  ·  28 articles scored  ·  1 top scorer  ·  last 24h
1
🔐 security SecurityWeek
72%

‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks

Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments. The post ‘By De…

Novelty
80%
Depth
60%
Practical
65%
Surprise
75%
Relevance
90%
https://www.securityweek.com/by-design-flaw-in-mcp-could-enable-widespread-ai-supply-chain-attacks/
2
🔐 security Microsoft Security Blog
68%

Incident response for AI: Same fire, different fuel

AI changes how incidents unfold and how we respond. Learn which IR practices still apply and where new telemetry, tools, and skills are needed. The post Incident response for AI: Same fire, different…

https://www.microsoft.com/en-us/security/blog/2026/04/15/incident-response-for-ai-same-fire-different-fuel/
3
🤖 ai AI Alignment Forum
65%

Current AIs seem pretty misaligned to me

Many people—especially AI company employees [1] —believe current AI systems are well-aligned in the sense of genuinely trying to do what they're supposed to do (e.g., following their spec or constitu…

https://www.alignmentforum.org/posts/WewsByywWNhX9rtwi/current-ais-seem-pretty-misaligned-to-me
4
📦 m365 Petri IT Knowledgebase
62%

Microsoft’s April 2026 Patch Tuesday Updates Fix 8 Critical Vulnerabilities

Microsoft has just released the April 2026 Patch Tuesday updates for all supported versions of Windows 11. This month, Microsoft fixed 163 new vulnerabilities in Windows, Office, Microsoft Edge, Azur…

https://petri.com/microsofts-april-2026-patch-tuesday-updates/
5
🔐 security SecurityWeek
60%

$10 Domain Could Have Handed Hackers 25k Endpoints, Including in OT and Gov Networks

Researchers found adware capable of killing cybersecurity products and pushing more dangerous payloads to infected systems. The post $10 Domain Could Have Handed Hackers 25k Endpoints, Including in O…

https://www.securityweek.com/10-domain-could-have-handed-hackers-25k-endpoints-including-in-ot-and-gov-networks/
6
🔐 security SecurityWeek
59%

Exploited Vulnerability Exposes Nginx Servers to Hacking

Hackers are exploiting CVE-2026-33032, a critical remote takeover vulnerability in the Nginx UI management tool. The post Exploited Vulnerability Exposes Nginx Servers to Hacking appeared first on Se…

https://www.securityweek.com/exploited-vulnerability-exposes-nginx-servers-to-hacking/
7
🔐 security SecurityWeek
53%

Capsule Security Emerges From Stealth With $7 Million in Funding

The Israeli startup aims to secure AI agents at runtime, continuously monitoring their behavior to prevent unsafe actions. The post Capsule Security Emerges From Stealth With $7 Million in Funding ap…

https://www.securityweek.com/capsule-security-emerges-from-stealth-with-7-million-in-funding/
8
🔐 security SecurityWeek
52%

CISO Conversations: Ross McKerchar, CISO at Sophos

Sophos’ Ross McKerchar discusses leadership at scale, retaining talent, defending against AI-enabled threats, and the industry’s growing trust problem. The post CISO Conversations: Ross McKerchar, CI…

https://www.securityweek.com/ciso-conversations-ross-mckerchar-ciso-at-sophos/
9
🔐 security SecurityWeek
50%

100 Chrome Extensions Steal User Data, Create Backdoor

Published through five accounts, the extensions appear part of a coordinated campaign based on shared C&C infrastructure. The post 100 Chrome Extensions Steal User Data, Create Backdoor appeared firs…

https://www.securityweek.com/100-chrome-extensions-steal-user-data-open-backdoor/
10
⚡ tech The Verge
50%

Microsoft counters the MacBook Neo with freebies for students

Apple's $599 MacBook Neo ($499 for students) has sent shockwaves through the PC ecosystem, and now Microsoft is responding with deals targeting students in the US. A new "Microsoft College Offer" is …

https://www.theverge.com/news/912639/microsoft-counters-the-macbook-neo-with-freebies-for-students
11
⚡ tech Stratechery
48%

Amazon Buys Globalstar, Delta to Add Leo, The Apple Angle

Amazon's Globalstar acquisition is being framed as Amazon versus SpaceX, but I think the real story is about Apple.

https://stratechery.com/2026/amazon-buys-globalstar-delta-to-add-leo-the-apple-angle/
12
🔐 security SANS Internet Stormcast
48%

[Guest Diary] Compromised DVRs and Finding Them in the Wild, (Thu, Apr 16th)

[This is a Guest Diary by Alec Jaffe, an ISC intern as part of the SANS.edu Bachelor&#;39;s Degree in Applied Cybersecurity (BACS) program [1].

https://isc.sans.edu/diary/rss/32886
13
🤖 ai MIT Technology Review – AI
45%

Building trust in the AI era with privacy-led UX

The practice of privacy-led user experience (UX) is a design philosophy that treats transparency around data collection and usage as an integral part of the customer relationship. An undertapped oppo…

https://www.technologyreview.com/2026/04/15/1135530/building-trust-in-the-ai-era-with-privacy-led-ux/
14
🔐 security SecurityWeek
43%

Two Vulnerabilities Patched in Ivanti Neurons for ITSM

The flaws could allow a remote attacker to maintain access after their account has been disabled and to access information from other user sessions. The post Two Vulnerabilities Patched in Ivanti Neu…

https://www.securityweek.com/two-vulnerabilities-patched-in-ivanti-neurons-for-itsm/
15
🔐 security SecurityWeek
43%

Sweden Blames Pro-Russian Group for Cyberattack Last Year on Its Energy Infrastructure

In what was Sweden’s first public mention of the attack, the country’s minister for civil defense said it targeted a heating plant in western Sweden. The post Sweden Blames Pro-Russian Group for Cybe…

https://www.securityweek.com/sweden-blames-pro-russian-group-for-cyberattack-last-year-on-its-energy-infrastructure/