Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI-assisted security analysis uncovered critical PostgreSQL and MariaDB vulnerabilities that remained hidden for more than two decades, highlighting the growing importance of continuously auditing ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...

Researchers demonstrate how attackers can weaponize trusted repositories to hijack AI coding assistants and compromise ...

In late April 2026, a vulnerability disclosure quietly landed in the National Vulnerability Database that should unsettle anyone who uses AI-powered coding tools. The entry, CVE-2025-59041, describes ...

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

Threat actors are targeting macOS users with fake utility fixes that trick them into running malicious Terminal commands.

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Researchers warn insecure AI systems and exposed infrastructure are creating growing cybersecurity risks globally.