Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
Mustang Panda’s Zoho WorkDrive attack hid two espionage campaigns inside India’s trusted cloud storage platform this month, ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...
OpenAI previewed GPT-5.6 Sol, Terra and Luna as safety tests flagged stronger cyber capabilities and a greater risk of ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Wordfence has blocked 17M+ exploit attempts targeting a Gravity SMTP bug that leaks API keys, OAuth tokens, and full system reports without authentication.
Security researchers identified a coordinated malware campaign within the JetBrains Marketplace designed to exfiltrate ...
The window between vulnerability discovery and active exploitation has been shrinking for years, and frontier AI models have accelerated that compression. To address that shift, F5 this week announced ...
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.
Despite official claims that a critical Meta AI support chatbot vulnerability had been resolved, reports confirm that hackers are still actively hijacking Instagram accounts. High-profile victims, ...
In 2024, researchers from the University of Illinois found that GPT-4, when provided with a common vulnerabilities and exposures (CVE) description, could autonomously exploit 87% of a curated ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results