From late April 2026 to mid-June 2026, Microsoft Defender Experts observed increased ACR Stealer activity across customer ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub were found delivering a Python-based remote access trojan (RAT) named ChocoPoC that can execute commands and steal sensitive data in a ...
CVE-2026-59208, a JWT matching flaw that could log users into another issuer’s account on affected multi-issuer Enterprise ...
Google fixed Rogue Agent, a Dialogflow CX Code Blocks flaw that could let one writable agent affect every chatbot in a Cloud ...
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
JadePuffer, a ransomware operation, used an AI agent to carry out much of the intrusion chain from reconnaissance, key theft, ...
Zscaler found attackers using SEO poisoning and hidden prompts in malicious websites to manipulate AI agents into making cryptocurrency payments.
The FBI warned that TeamPCP software supply chain attacks targeted developer tools to steal cloud credentials, SSH keys, and ...
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.
Cloud security firm Sysdig has documented what it says is the first ransomware attack carried out from initial exploitation through encryption by an autonomous AI agent, without a human directing each ...
A North Korea-linked macOS backdoor has been caught hiding a prompt injection that targets malware analyst's AI tools, rather than the sandbox analyzing it. SentinelLabs, the research arm of ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results