MCP tool poisoning turns trusted AI agents into a control plane for data loss. Learn how threat actors manipulate tool ...

Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

Spring AI 2.0 advances the Java framework for generative AI apps with a Spring Boot 4 baseline, cleaner agentic tooling, Model Context Protocol support and vendor-backed integrations including Azure ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

SentinelOne details Gaslight, a Rust-based macOS implant linked to North Korea-aligned actors that uses prompt injection to ...

By targeting the automated workflows around repositories with targeted pull requests, attackers can potentially target ...

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

NVIDIA has patched three high-severity vulnerabilities in its NeMo Framework, including a Linux command-injection flaw that could let low-privileged attackers run code, escalate access, alter data or ...

Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code and VS Code. Read what happened.

In a breakthrough for longevity science, a reverse-aging treatment has been injected into a human. The technique is a sought-after solution for improving longevity by reprogramming cells. Competitors ...

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.