Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI-assisted security analysis uncovered critical PostgreSQL and MariaDB vulnerabilities that remained hidden for more than two decades, highlighting the growing importance of continuously auditing ...

Ivanti warned customers today to patch a high-severity remote code execution vulnerability in Endpoint Manager Mobile (EPMM) ...

CVE-2026-0300 exploited after April 9 attempts enables PAN-OS RCE, leading to stealth espionage and lateral movement by April ...

Cisco has released patches for several high-severity vulnerabilities that could lead to code execution, SSRF attacks, and DoS ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Palo Alto Networks warns that its widely deployed firewalls are under attack with hackers exploiting a critical zero-day vulnerability. Unauthenticated attackers can achieve remote code execution with ...

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

MetInfo CMS flaw CVE-2026-29014 exploited after April 7 patch, enabling remote code execution and targeting 2,000 instances.

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs ...