New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI-assisted security analysis uncovered critical PostgreSQL and MariaDB vulnerabilities that remained hidden for more than two decades, highlighting the growing importance of continuously auditing ...

Researchers demonstrate how attackers can weaponize trusted repositories to hijack AI coding assistants and compromise ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.

If you own an iPhone and have been tapping “Remind Me Later” on software updates, this is the week to stop. A vulnerability ...

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

A critical zero-day vulnerability in Microsoft SharePoint is being exploited in the wild right now, and more than 1,300 ...

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

GitHub facades and Ethereum smart contracts power a March 2026 admin-targeted campaign, enabling resilient C2 rotation and ...

The FTP server ProFTPD includes a module called mod_sql. It contains an SQL injection vulnerability that can ultimately lead ...

Visual Studio 2026 has further integrated GitHub Copilot's cloud agent to its Copilot Chat picker -- catching up to VS Code -- and the async workflow it enables, where a task runs on GitHub Actions ...