Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI-assisted security analysis uncovered critical PostgreSQL and MariaDB vulnerabilities that remained hidden for more than two decades, highlighting the growing importance of continuously auditing ...

Researchers demonstrate how attackers can weaponize trusted repositories to hijack AI coding assistants and compromise ...

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Researchers warn insecure AI systems and exposed infrastructure are creating growing cybersecurity risks globally.

If you own an iPhone and have been tapping “Remind Me Later” on software updates, this is the week to stop. A vulnerability ...

As Europe pushes for sovereign AI infrastructure, Giskard is securing enterprise AI agents against manipulation, unsafe ...

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no ...

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.

The five new vulnerabilities discovered in Ivanti’s on-premises mobile endpoint management solution are a “classic example of ...