Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

Frontier AI models don't just delete document content — they rewrite it, and the errors are nearly impossible to catch

Frontier AI models corrupt 25% of document content in multi-step workflows — rewriting rather than deleting, which makes the ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
Computer Weekly

BlueRock open sources MCP Python Hooks

The company has this month announced the open source release of BlueRock MCP Python Hooks, a lightweight (software using ...
Analytics India Magazine

MATLAB’s Unexpected Collision With Agentic AI

The move pushes MathWorks into a world historically dominated by open-source developer tooling and AI-native workflows.
The Hacker News

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...
Hosted on MSN

Microsoft study finds AI coding models falter in long tasks

Benchmarking AI limits: Microsoft's DELEGATE-52 benchmark shows current AI coding models often corrupt documents during lengthy workflows, even among top-tier systems. Where models excel: Highly ...

Google says criminals used AI to build a working zero-day exploit for the first time

Criminal hackers have used artificial intelligence to develop a working zero-day exploit, the first confirmed case of its ...
The Hacker News

Fake OpenAI Privacy Filter Repo Hits #1 on Hugging Face, Draws 244K Downloads

Fake OpenAI Privacy Filter hit #1 on Hugging Face with 244,000 downloads, spreading infostealer malware to Windows users.

Microsoft researchers find AI models and agents can't handle long-running tasks

Companies exploring automated workflows would be well advised to keep their AI agents on a short leash. Microsoft researchers ...
The Next Web

The AI industry’s model and agent skill repositories are full of malware. The infrastructure built to accelerate development is now the vector for compromising it.

Hugging Face hosts 352,000 unsafe model issues. ClawHub's registry contains 341 malicious AI agent skills. The AI supply chain is now the most attractive target in software security.
Dark Reading

LatAm Vibe Hackers Generate Custom Hacking Tools on the Fly

In the latest evolution of automated cyberattacks, 2 threat campaigns heavily leveraged AI agents to support attacks against ...