Cursor AI code editor faces unpatched vulnerability enabling code execution, adding to a string of critical RCE flaws ...
Researchers at the AI Now Institute developed a proof-of-concept exploit showing common AI tools used for security could ...
Mozilla fixes two critical Firefox flaws with public exploit code as Google, Adobe, and Broadcom patch Chrome, ColdFusion, ...
SonicWall says attackers are exploiting two SMA 1000 zero-days, including a code injection flaw that could enable ...
Microsoft's July 2026 Patch Tuesday fixed 570 security vulnerabilities, pushing the monthly total past 620 and to a new ...
A newly-disclosed exploit in Claude Code’s ‘auto-mode’ leaves developers facing remote code execution (RCE) vulnerabilities ...
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Intruder built an AI-powered "vulnerability vending machine" that combines code slicing with LLMs to automatically discover ...
A new attack technique dubbed HalluSquatting turns AI assistants’ tendency to hallucinate into a scalable infection vector.
When combined with another exploit, the "PromptFiction" vulnerability, which has been fixed, could have enabled an end-to-end attack on a targeted system.
Straiker, The Agentic Security Company, today released the inaugural threat report from its STAR Labs team. To understand the real-world risk AI agents pose to enterprises, researchers ran thousands ...
CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers ...