JFrog says six malicious npm packages used hidden install-time execution, JSONKeeper fetches, and sandbox checks to enable remote access.
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
The Americas, Australasia, Asia, Europe and Africa have already been marking the arrival of the new year with fireworks and festivities.
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...