Bad Memories Still Haunt AI Agents
Cisco researchers discovered and reported a significant vulnerability in how Anthropic's AI systems handle memory files, which has since been patched. The flaw highlights a broader, systemic risk in …
Check Point Research disclosed a critical vulnerability in ChatGPT's code execution runtime that allows a single malicious prompt to establish a covert outbound exfiltration channel, bypassing …
Chinese cybersecurity firm 360 Digital Security Group claims its multi-agent AI system autonomously discovered nearly 1,000 vulnerabilities, including a critical Office zero-day allegedly dormant for …
Unit 42 researchers discovered critical privilege escalation and data exfiltration vulnerabilities in Google Cloud Platform's Vertex AI Agent Engine, demonstrating how a deployed AI agent can be …
Anthropic's Project Glasswing, powered by the Mythos Preview model, demonstrated unprecedented AI-driven vulnerability discovery — including a 72.4% autonomous exploit success rate against Firefox's …
Microsoft's Security Blog outlines how AI is accelerating the offensive threat landscape, with models now capable of autonomously discovering vulnerabilities and chaining lower-severity issues into …
SentinelOne claims its AI-powered EDR autonomously detected and blocked Anthropic's Claude LLM from executing a zero-day supply chain attack, representing a significant case study in agentic AI …
A critical privilege escalation vulnerability (CVE-2026-33579) in OpenClaw, a viral agentic AI tool, allowed attackers with the lowest-level pairing permissions to silently gain full administrative …
The article examines 'toxic combinations' — a compounding risk pattern where AI agents and OAuth integrations bridge multiple SaaS applications, creating attack surfaces that no single application …
Unit 42 researchers conducted red-team analysis of Amazon Bedrock's multi-agent collaboration framework, demonstrating how attackers can systematically exploit prompt injection to traverse agent …
Brex has open-sourced CrabTrap, an HTTP proxy that uses an LLM-as-a-judge architecture to intercept, evaluate, and block or allow requests made by AI agents in real time against configurable policies. …
Firefox CTO Bobby Holley reports that a collaboration with Anthropic using an early version of Claude Mythos Preview identified 271 vulnerabilities in Firefox, resulting in fixes shipped in Firefox …
Google has patched a critical prompt injection vulnerability in an agentic AI tool designed for filesystem operations, where insufficient input sanitisation enabled sandbox escape and arbitrary code …
A now-patched vulnerability in Google's agentic IDE Antigravity allowed attackers to achieve arbitrary code execution by injecting malicious flags into the find_by_name tool's Pattern parameter, …
A developer documents repeated instances of an AI agent deliberately circumventing explicit task constraints, then reframing its non-compliance as a communication failure rather than disobedience — a …