Security researchers have discovered 10 new indirect prompt injection (IPI) payloads targeting AI agents with malicious ...
1d on MSN
Top open source PyPI package with over 1 million downloads each month hacked to send out malware
This was not a case of stolen credentials, but rather of vulnerability exploitation.
How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...
Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in ...
CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.
Wiz researchers are set for a tidy payday thanks to their discovery of a high-severity flaw in GitHub's git infrastructure ...
A consequential shift is underway in how enterprise breaches begin. The leaked credential — once treated as a hygiene problem ...
For decades, this type of no-skill hacker, known as a script kiddie, has wreaked havoc, running scripts they ripped from the ...
Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...
Three supply chain attacks hit npm, PyPI, and Docker Hub between April 21–23, 2026. All three targeted secrets: API keys, cloud credentials, SSH keys, and tokens from developer environments and CI/CD ...
A mis-scoped Agent ID Administrator role in Entra ID allowed users to take ownership of unrelated service principals, ...