According to Socket, malicious payment SDK packages on npm and PyPI are harvesting developer credentials and CI/CD ...
Sophos says Claude Code, Cursor, and Codex triggered Windows endpoint rules for credential access, LOLBin downloads, and ...
Rogue Agent, a vulnerability in Google Cloud Dialogflow CX, allowed attackers to control agents and exfiltrate sensitive data.
These third-party projects greatly expand the ways agents and LLMs can draw on facts, documents, and conversations to deliver ...