The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

The discovery involves a vulnerable GitHub workflow, within the Windows-driver-samples repository. Tenable Research has ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

A Discord group accessed Anthropic’s Mythos AI model on its launch day by guessing its URL via a third-party vendor environment.

A surge in AI agent adoption is exposing critical systems online ...

Three proof-of-concept exploits are being used in active attacks against Microsoft's built-in security platform; two are ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...