In other news, a DHS database was hacked, Adobe is releasing patches twice a month, and Canada has disrupted ransomware operations.
When Ying Zhang was a doctoral student at Virginia Tech, she spent years learning to think like an attacker—probing software ...
A comprehensive Sudanese study has revealed that 93.2% of Sudanese support peace negotiations, a finding that participants described as “digital evidence refuting claims used to justify the ...
According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Google has released A2UI v0.9, a framework-agnostic standard for AI agents to declare user interface intent across multiple ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
OpenAI launches Patch the Planet to help open-source maintainers find, validate and fix software bugs with AI and human review.
With a security initiative, OpenAI competes with Anthropic's Mythos and also offers a security review service for open-source projects.
A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...