New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

CVE-2026-22679 exploited via debug endpoint in Weaver E-cology before 20260312, enabling RCE and system compromise.

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Google has fixed a critical flaw in its agentic integrated developer environment (IDE) Antigravity that led to sandbox escape and remote code execution (RCE) after researchers created a proof of ...

The repository reached the #1 trending position on Hugging Face within 18 hours, highlighting how public AI repositories are ...

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install backdoors.

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container ...