Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...

The US military is quietly seeking to bolster its ability to deter or battle China over Taiwan, including with new warship-killing bombs and advanced sea mines, the head of US Indo-Pacific Command ...

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...

There is a new AI model called Mythos. Anthropic built it for defensive cybersecurity research. It is so effective at finding software vulnerabilities that Anthropic decided the general public cannot ...

Bitwarden CLI, the command-line interface for the password manager Bitwarden, has reportedly been compromised as part of a newly discovered and ongoing Checkmarx supply chain campaign, according to ...

But, is this resurgence real, or are we simply observing a handful of highly visible cases amplified by media and investor attention? More importantly, what does the evidence actually tell us about ...

Prompt injection flaws in Microsoft Copilot Studio and Salesforce Agentforce let attackers weaponize form inputs to override agents' behavior and exfiltrate sensitive customer and business data.

Abstract: The Internet of Things (IoT) devices have brought invaluable convenience to our daily lives. However, they also introduce significant security challenges. Common vulnerabilities in numerous ...

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data exfiltration. OpenAI has fixed two flaws in its AI stack that could allow AI ...

A critical vulnerability in OpenAI Group PBC’s Codex coding agent could have exposed sensitive GitHub authentication tokens through a command injection flaw, according to a new report out today from ...