JadePuffer could be the first reported case of a ransomware attack driven by AI from start to finish. How can businesses ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Security vulnerabilities in the self-hosting platform offer attack possibilities with low, albeit narrowly defined, access ...
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt ...
BeyondTrust warned customers to patch two critical security flaws in its Remote Support (RS) and Privileged Remote Access ...
A China-linked threat cluster has been exploiting vulnerable Roundcube servers at U.S. and Canadian universities to steal ...
Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Several AI coding assistants were tricked into facilitating developer machine hacking via an attack technique that has been ...
CISA added a Microsoft SharePoint RCE flaw to its exploited bugs catalog after confirming active attacks on unpatched servers ...
Autonomous AI agents are no longer theoretical cyber risks as new research shows a large language model executing an end-to-end ransomware campaign, highlighting the urgency of patching known ...
Proofpoint says UNK_MassTraction exploited patched Roundcube flaws to target U.S. and Canadian university mail servers.
Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your security tools look.