GitHub Inc.’s new Agentic Workflows feature that allowed an unauthenticated attacker to siphon data from private code ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data ...
Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft ...
This sneaky attack tricks Microsoft's AI assistant to hand over your data.
Google fixed Rogue Agent, a Dialogflow CX Code Blocks flaw that could let one writable agent affect every chatbot in a Cloud ...
CrowdStrike data and OpenAI's admission confirm prompt injection as a dominant enterprise AI attack vector. 65% of ...
ActiveState explains how GitHub Actions attack chains can evade traditional CI security scanners, why passing a scan doesn't ...
In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...
Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...
DeepKeep, the end-to-end AI security platform, today unveiled a new class of visual prompt injection vulnerability – dubbed 'InkJect,' a nod to the hidden 'ink' within images used to inject malicious ...