Rogue Agent, a vulnerability in Google Cloud Dialogflow CX, allowed attackers to control agents and exfiltrate sensitive data.
Multiple weaponized proof-of-concept (PoC) exploits on GitHub delivered a Python-based remote access trojan (RAT) called ChocoPoC that can execute commands and steal sensitive data. However, ChocoPoC ...
Malicious packages on the Node Package Manager (npm) and the Python Package Index (PyPI) delivered stealer malware to developers and users of Paysafe, Skrill, and Neteller payment applications. The ...
A threat group researchers call "Armored Likho" has gained access to government agencies and electrical power entities in ...
Growing use of coding agents and consumption-based pricing models could push per-developer AI spending to unprecedented ...
PayU has launched Builder MCP and CLI, two AI-powered developer tools that speed payment gateway integrations and simplify ...
ESET Research has released its H1 2026 Threat Report with statistics from December 2025 through May 2026.ClickFix – a social engineering ...
Attackers have begun embedding hidden instructions in websites to target AI agents, according to new research. Zscaler's ...
Zscaler found attackers using SEO poisoning and hidden prompts in malicious websites to manipulate AI agents into making cryptocurrency payments.
The AI-assisted editor now works alongside the platform's MCP server and interactive documentation, giving developers plain-language code generation, debugging, and reference lookup across a single ...
Armored Likho BusySnake Stealer, a Python-based infostealer first disclosed by Kaspersky, is actively targeting government ...
SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...