Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
The Hacker News

⚡ Weekly Recap: Linux Rootkit, macOS Crypto Stealer, WebSocket Skimmers and More

Weekly cybersecurity recap covering zero-days, malware, phishing, supply chain attacks, cloud threats, AI security risks, and ...
Security Boulevard

Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.

Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling that the Rust, C, and C++ ecosystems offer with LibAFL and AFL++. Path constraints are hard to solve. Structured inputs ...
Communications of the ACM

Large Language Models in Software Security Analysis

Opportunities for agentic AI. AI agents go beyond basic in-context learning by enabling LLMs to iteratively plan, reason, and ...