
Snowflake Patches Critical Sandbox Escape and Malware Execution Flaw in Cortex AI
Snowflake Cortex Code CLI was vulnerable to a sandbox escape and human-in-the-loop bypass that allowed unauthorized malware execution via indirect prompt injection.

A security database that evaluates and ranks the instructional risks and permission levels of AI agent skills to prevent exploitation.

An autonomous AI agent hacked McKinsey’s internal AI platform in two hours, exposing millions of confidential records and highlighting the urgent need to secure the prompt layer.

Claude Opus 4.6's discovery of 22 Firefox vulnerabilities highlights a powerful, yet potentially temporary, AI-driven advantage for software defenders.

Exploit development is becoming a token-limited, scalable process with LLMs, so we must prepare and demand real-target, high-budget evaluations.

Notion AI saves edits before consent, enabling prompt-injected external image loads that exfiltrate user data regardless of user approval.

An exposed Mintlify static endpoint let malicious SVGs run on customer primary domains, creating a widespread supply-chain XSS affecting Discord, X, and many others.

OpenAI’s GPT-5.2-Codex pushes agentic coding and defensive cyber forward while rolling out with stricter safeguards and gated access.

Update your RSC stack now: fixed react-server-dom versions patch a DoS and source code leak that affect many frameworks, though no new RCE is possible.

Critical RCE in React Server Components affects Next.js App Router; upgrade to the listed patched versions now.

AI agents have enabled near-autonomous, state-linked cyber espionage at scale, forcing a rapid shift toward AI-powered cyber defense and stronger safeguards.