This website uses cookies
Read our Privacy policy and Terms of use for more information.
Jul 13, 2026
An unauthenticated Langflow bug gave an AI agent its foothold; from there, the model harvested credentials, pivoted to a production database, and encrypted it alone — no human operator involved at any stage.
Jul 6, 2026
A trusted tool's metadata, not its code, is now the attack surface: Microsoft says a single hidden instruction buried in a tool description can redirect an AI agent's next action, and a real-world case already proves the technique works.
Jun 29, 2026
Sysdig caught an intruder using an unauthenticated Ollama server — one of roughly 175,000 sitting open online — as the reasoning core of an automated attack that scanned, wrote exploits, and escalated on its own.
Jun 22, 2026
A stolen AI key is metered spend, a data path, and free model use in one — and last week brought two ways to take it: JetBrains plugins siphoning keys in plaintext and a 9.9 LiteLLM chain ending in root.
Jun 15, 2026
How to Secure Your Agentic AI Frameworks Against Escalating Critical Vulnerabilities
Jun 8, 2026
Cisco confirms exploitation across on-prem, cloud, and FedRAMP deployments: a netadmin-to-root command-injection bug that has already been used to push configuration changes to edge devices.
Jun 5, 2026
The Mirasvit Full Page Cache Warmer extension deserializes an attacker-controlled cookie on ordinary storefront requests, turning a single unauthenticated HTTP request into remote code execution; CISA added the flaw to its Known Exploited Vulnerabilities catalogue on June 3 after researchers observed live attacks.
Jun 4, 2026
An AI bug-hunter found CVE-2026-23479, a use-after-free in Redis that an authenticated session escalates to remote code execution — and in default, passwordless deployments the default user already carries every privilege required.
Jun 2, 2026
A hijacked Red Hat developer account pushed a Mini Shai-Hulud variant into @redhat-cloud-services; its preinstall hook steals cloud, Vault, and pipeline credentials before any code runs.
Jun 1, 2026
Rapid7 released a Metasploit module for an unpatched Gogs flaw; on default installs, any self-registered user runs code and reads every repo, token, and SSH key.