Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Companies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the ...

As AI tools flood open-source maintainers with low quality bug reports, OpenAI's new Patch the Planet initiative aims to ...

Microsoft Threat Intelligence identified an active multi-stage intrusion campaign targeting hospitality organizations in ...

OpenAI launches Patch the Planet to help open-source maintainers find, validate and fix software bugs with AI and human ...

Microsoft, international law enforcement, and cybersecurity firms used AI to analyze and shut down the infrastructure used to run campaigns with Amadey and StealC malware in what the IT giant calls a ...

Researchers from Zscaler found a new malware campaign dubbed Edgecution.

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...