Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.
InfoWorld

An open-source toolkit for controlling out-of-control AI agents

Microsoft’s Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, based on the OWASP top 10 agent ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
SecurityWeek

GlassWorm Botnet Disrupted

The four C&C channels used by GlassWorm, the botnet targeting open source software developers, have been disrupted.
Dark Reading

For Enterprises, Security Remains Agentic AI's Biggest Challenge

Every company may need an agentic AI strategy, but the tools to allow frameworks such as OpenClaw to be securely used have ...
The Hacker News

GlassWorm Malware Takedown Disrupts Developer Supply Chain Attack Infrastructure

GlassWorm poisoned 300 GitHub repositories since 2025, enabling supply chain attacks against developers and organizations.
Computer Weekly

Glassworm botnet that targeted OS devs smashed to pieces

CrowdStrike, Google and the Shadowserver Foundation worked together to take down a botnet that poisoned over 300 GitHub ...

AI is making everyone web app builders - but leaving teams exposed

When (and why) does AI coding flip from promising to a security nightmare? Let's look under the coding hood.

Google blocked the first known AI-powered attack on 2FA accounts; here is how hackers tried to break in, know how to stay safe

Foreign hackers attempted a novel AI-powered cyberattack targeting two-factor authentication using a zero-day exploit. Google's Threat Intelligence Group detected and thwarted this sophisticated plot, ...
Infosecurity Magazine

CrowdStrike, Google Take Down Glassworm Botnet

An industry effort involving CrowdStrike, Google and the Shadowserver Foundation has led to the disruption of the Glassworm ...

Google AI Studio Cheat Sheet: Features, Pricing, and More

Google AI Studio lets users test Gemini models, build apps, generate media, and export code. Here’s what it does, costs, and ...