Microsoft removed a steganography-based adware network (StegoAd) consisting of 119 extensions that had been active since at least 2021 and concealed malware payloads in images and fonts.
The use of Palantir’s Vera by Bavarian and other German police authorities raises questions about constitutional permissibility that data protection officials have been criticizing for some time.
As AI becomes more broadly deployed in enterprises, security incidents and control deficits increase significantly — comprehensive AI governance becomes an operational necessity rather than a strategic vision.
MCP 2026-07-28 eliminates legacy session risks through statelessness but introduces new attack surfaces in identifier management, HTTP headers, UI apps, and asynchronous tasks.
Malware exploits compromised npm packages and manipulated GitHub Actions to exfiltrate tokens and credentials directly from CI/CD environments and developer repositories.