Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
Chicago Maroon

In His Last College Quarter, Ben Heim Is Building an AI Project Every Week

In his final quarter at UChicago, fourth-year Ben Heim has been taking his own advice. As president of the International ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
Hackaday

This Week In Security: Another Linux Exploit, Ubuntu Knocked Offline, Finals Interrupted, And Backdoored Tools

After the CopyFail vulnerability gave root access from any user on almost all distributions last week, this week we’ve got DirtyFrag. This chains the vulnerability in CopyFail (xfrm-ESP) and ...

Google Chrome may have silently installed 4GB AI model on your computer. Here's how to check

We tested our own computers to see if the model was present.
eWeek

Vibe Coding Cheat Sheet: Tools, Prompts, Security Tips, and More

This vibe coding cheat sheet explains how plain-language prompts can build apps fast, plus the planning, testing, and ...