Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the ...

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...

Attackers have begun backdooring internet-exposed Ivanti Sentry appliances, the nonprofit security watchdog Shadowserver confirmed on June 11, 2026 — less than 48 hours after patches and a public ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

Researchers say current AI agents fail to consistently resist prompt injection attacks, exposing enterprises to failures that ...

Two OS command injection flaws can be exploited remotely, without authentication, for arbitrary code execution.

A new benchmark study found AI agents remain vulnerable to prompt injection attacks as companies increasingly roll out the ...

Three recently patched Fortinet FortiSandbox vulnerabilities are being targeted in the wild, according to exploit ...

Even with Lockdown Mode, ChatGPT could be still vulnerable to prompt injections, but the goal is to reduce the likelihood ...

ChatGPT's new Lockdown Mode disables live browsing, agent mode, and deep research to stop attackers from stealing data through prompt injection.

SAP has released the May 2026 security updates addressing 15 vulnerabilities across multiple products, including two critical flaws in Commerce Cloud and S/4HANA. Commerce Cloud is an enterprise-grade ...