A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

Polymarket hack stemmed from a compromised third-party vendor that injected malicious JavaScript into the platform’s frontend. Over 11 wallets lost PUSD on Polygon; stolen funds were bridged to ...

North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft ...

Polymarket got hit. A suspected phishing attack on one of the platform's third-party vendors let hackers inject malicious ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

This week’s cybersecurity recap covers Firefox and Chrome bugs, EDR-killer tools, a TV botnet, an OpenBSD flaw, Android ...

A malicious npm package has been caught impersonating one of the JavaScript ecosystem's most widely used build tools. The ...

Cequence Security, a pioneer in application security, today announced the launch of Intent Graph and Biometric Check, two new capabilities that extend the behavioral architecture Cequence has built on ...

Google has released an unscheduled update for Chrome to close two critical security vulnerabilities. As criminals are already actively using these vulnerabilities for attacks, all users are advised to ...