CISA warned that a Meteobridge vulnerability patched in May has been exploited in attacks and added the flaw to its KEV catalog.
You wake up. Your AI wakes up. Somewhere, a stranger types a sentence, and your AI listens. This is not science fiction. This ...
Attackers are increasingly exploiting generative AI by embedding malicious prompts in macros and exposing hidden data through parsers. The switch in adversarial tactics — noted in a recent State of ...
SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
HiddenLayer researchers detailed a new AI “virus” that spreads through coding assistants. The CopyPasta attack uses hidden prompts disguised as license files to replicate across code. A researcher ...
As agents become integrated with more advanced functionality, such as code generation, you will see more Remote Code Execution (RCE)/Command Injection vulnerabilities in LLM applications. However, ...
AI agents that can control and read data from an internet browser are also susceptible to obeying malicious text circulating in web content.
Such attacks can be carried out using basic emails. A similar vulnerability was recently spotted in Gemini in Gmail. In a demo, CloudSEK was able to deliver payload using an AI summariser ...
Anthropic has begun testing a Chrome ...
“AI” tools are all the rage at the moment, even among users who aren’t all that savvy when it comes to conventional software or security—and that’s opening up all sorts of new opportunities for ...
Brave announced that it has discovered a security vulnerability in Perplexity’s AI web browser, Comet. It reported the issue to Perplexity previously, which fixed the issue. “While looking at Comet, ...
Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user approval. A vulnerability in the AI code editor Cursor allowed remote attackers to ...