payments security

CVE-2026-11019 is a medium-severity Google Chrome for Android flaw, published June 4, 2026 and last modified June 8, that affected versions before 149.0.7827.53 and could let a remote attacker with a compromised renderer spoof a domain through a crafted HTML page. The dry phrasing hides the real...

Mastercard’s push to define how AI agents buy things on our behalf marks a decisive turn: the payments network is not merely enabling “agentic commerce,” it is trying to set the rules that will govern who can act, how purchases are authorized, and which parties carry the risk when software — not...