Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI-assisted security analysis uncovered critical PostgreSQL and MariaDB vulnerabilities that remained hidden for more than two decades, highlighting the growing importance of continuously auditing ...

Researchers demonstrate how attackers can weaponize trusted repositories to hijack AI coding assistants and compromise ...

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

Flaws in OpenEMR's platform — used by more than 100,000 healthcare providers — enabled database compromise, remote code ...

Mistral AI launches Workflows, a Temporal-powered orchestration platform for enterprise AI that automates mission-critical ...

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install backdoors.

As Europe pushes for sovereign AI infrastructure, Giskard is securing enterprise AI agents against manipulation, unsafe ...

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...

If you own an iPhone and have been tapping “Remind Me Later” on software updates, this is the week to stop. A vulnerability ...