Researchers show HalluSquatting can make AI coding agents fetch fake repositories or skills and run attacker-supplied code.
A critical prompt injection vulnerability in GitHub Agentic Workflows could allow unauthenticated attackers to leak private repository data, ...
Researchers at Nebula Security have disclosed GhostLock (CVE-2026-43499), a 15-year-old Linux kernel flaw that lets any ...