One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
VentureBeat

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...
The New York Times

Is Strait of Hormuz Open Again? Maybe, but Few Ships Are Using It.

There were conflicting reports about the status of the vital shipping waterway in the cease-fire with Iran. By Pranav Baskar and Shirin Hakim As the cease-fire between the United States and Iran ...