AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

CISA added CVE-2026-42271, a high-severity LiteLLM command injection flaw, to its KEV catalog after evidence of active ...

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...

The structured query language is a powerful tool for connecting to many database systems that store data in tables organized into rows and columns. It's often used on the backend of business websites ...

LangChain and LangGraph patch three high-severity flaws exposing files, secrets, and conversation histories Vulnerabilities included path traversal, deserialization leaks, and SQL injection in SQLite ...

DuckDB Spec-OS for multi-org AI agent swarms. Central specification management, 280+ SQL macros, interactive agent REPL, MCP Apps, meta-learning, and smart extensions. src/agent_farm/ ├── cli.py # ...

Direct prompt injection is the hacker’s equivalent of walking up to your AI and telling it to ignore everything it’s ever been told. It’s raw, immediate, and, in the wrong hands, devastating. The ...

App security outfit Checkmarx says automated reviews in Anthropic's Claude Code can catch some bugs but miss others – and sometimes create new risks by executing code while testing it. Anthropic ...

AI coding assistants introduce too many security flaws and should be a wake-up call for the industry, security researchers from Veracode warn. More often than not, the code will be functional but ...

Python remains the top choice for scripting, automation, and penetration testing in cybersecurity. Rust and Go are gaining traction for building secure, memory-safe, and high-performance systems. C ...