An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather ...
Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet
A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...
NVIDIA has patched three high-severity vulnerabilities in its NeMo Framework, including a Linux command-injection flaw that could let low-privileged attackers run code, escalate access, alter data or ...
This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...
Hackers injected malware into 73 Microsoft GitHub repos on June 5, 2026. The attack targeted AI coding tools like Claude Code and VS Code. Read what happened.
The world's first anti-ageing gene therapy has just been injected into a human - here's what it does
First human gets experimental gene shot to rewind ageing cells in the eye Life Biosciences has dosed its first patient with ER-100, a treatment that uses partial cellular reprogramming to target ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results