MCP tool poisoning turns trusted AI agents into a control plane for data loss. Learn how threat actors manipulate tool ...

NAIC has confirmed it was targeted in the recent hacking campaign that exploited an Oracle PeopleSoft zero-day vulnerability.

In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...

Attackers can exploit a critical security vulnerability in several Zoho Corp. ManageEngine products to take over accounts.

Your ideal vibe-coded app could pose serious security risks.

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...

A flaw in Meta's AI-powered Instagram recovery tool allowed attackers to hijack accounts by redirecting password reset links, bypassing traditional security measures. Meta quickly patched the ...

In short:Security researcher Aonan Guan hijacked AI agents from Anthropic, Google, and Microsoft via prompt injection attacks on their GitHub Actions integrations, stealing API keys and tokens in each ...

A critical vulnerability in OpenAI Group PBC’s Codex coding agent could have exposed sensitive GitHub authentication tokens through a command injection flaw, according to a new report out today from ...

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. The Microsoft Security Response Center has confirmed that a SQL Server elevation of ...

Three security vulnerabilities in the official Git server for Anthropic's Model Context Protocol (MCP), mcp-server-git, have been identified by cybersecurity researchers. The flaws can be exploited ...

Microsoft has pushed back against claims that multiple prompt injection and sandbox-related issues raised by a security engineer in its Copilot AI assistant constitute security vulnerabilities. The ...