Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Although not the first of its kind, researchers’ POC attack against Microsoft’s M365 Copilot Enterprise underscores parameter ...
Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
Researchers warn Agentjacking can abuse Sentry errors to make AI coding agents run malicious code on developer machines.
OpenAI has launched a new security feature for ChatGPT called Lockdown Mode which is aimed at protecting the sensitive data ...
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden ...
The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...
Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code ...
Researchers at Cyera found six vulnerabilities in protobuf.js, including a flaw that can turn attacker-controlled schema data ...
A flaw in Claude Code's GitHub Action let attackers bypass permission checks via fake bots and steal OIDC tokens through prompt injection.
The new feature promises increased protection against these types of attacks, but you'll have to sacrifice a lot of ...
AI chatbots and assistants are extremely vulnerable to exploitation, particularly prompt injection, according to new research ...