Category Archives: Uncategorized

Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841)

Among the many security fixes released by Microsoft on February 2026 Patch Tuesday is one for CVE-2026-20841, a command injection vulnerability in Notepad that could be exploited by attackers to achieve remote code execution on targets’ Windows system. About CVE-2026-20841 For many, many years, Windows Notepad was a simple text editor and a staple tool for everyone who wanted a no-frills way to work with plain text, but in early 2022, Microsoft started redesigning it … More → The post Windows Notepad Markdown feature opens door to RCE (CVE-2026-20841) appeared first on Help Net Security.
http://news.poseidon-us.com/TQwJn4

Black Duck expands Polaris platform with unified, automated security across all major SCMs

Black Duck has announced the availability of a set of enhanced Black Duck Polaris Platform integrations across all major source code management (SCM) platforms, including GitHub, GitLab, Azure DevOps, and Bitbucket. The Polaris Platform is an integrated, software-as-a-service application security platform powered by the static application security testing, software composition analysis, and dynamic application security testing engines. With development teams managing an explosion of human and AI-generated code and increasingly distributed development environments, manual onboarding … More → The post Black Duck expands Polaris platform with unified, automated security across all major SCMs appeared first on Help Net Security.
http://news.poseidon-us.com/TQwJms

1Password open sources a benchmark to stop AI agents from leaking credentials

Research has shown that some AI models can identify phishing websites with near-perfect accuracy when asked. When those same models are used as autonomous agents with access to tools like email, web browsers, and password vaults, they can still carry out the scam. That gap is the focus of a new open source benchmark from 1Password called the Security Comprehension and Awareness Measure, or SCAM. The benchmark tests whether AI agents behave safely during real … More → The post 1Password open sources a benchmark to stop AI agents from leaking credentials appeared first on Help Net Security.
http://news.poseidon-us.com/TQwJmc

NowSecure AI-Navigator cuts mobile app testing time by automating authentication

NowSecure announced the launch of AI-Navigator, new functionality that streamlines and improves mobile application security testing. By automating authentication workflows, NowSecure enables security teams to dynamically test mobile apps for vulnerabilities and privacy leaks up to 90% faster. “Mobile apps are the front door to enterprise and consumer data, but security teams have struggled to continuously test them because they are unable to log in,” said NowSecure CTO David Weinstein. “Unauthenticated testing overlooks up to … More → The post NowSecure AI-Navigator cuts mobile app testing time by automating authentication appeared first on Help Net Security.
http://news.poseidon-us.com/TQwJl2