The latest Microsoft Patch Tuesday rollout featured no zero-days. However, an angry hacker has just dropped two new 0-day ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Google has fixed a critical flaw in its agentic integrated developer environment (IDE) Antigravity that led to sandbox escape and remote code execution (RCE) after researchers created a proof of ...

OpenAI has updated its Agents SDK with native sandbox execution and a refined harness to improve AI agent safety, while Fortinet patched critical FortiSandbox flaws enabling remote code execution and ...

Anthropic’s source code leak revealed a new way to get Claude Code to do things it doesn’t want to. The leak of Claude Code’s source is already having consequences for the tool’s security. Researchers ...

Over 40 years after its release, you'd think that there would be no more secrets to be found in Super Mario Bros. A group of dedicated speedrunners just smashed that theory, discovering a ...