The offices of Google are pictured in London on February 28, 2026. JUSTIN TALLIS/AFP via Getty Images Google released agents-cli on April 21, 2026, and it has shipped 13 updates in the 71 days since — ...
CVE-2026-12957 in Amazon Q is the third MCP auto-execution vulnerability in three AI coding tools. The pattern reveals a ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.
A developer reverse-engineering Anthropic's Claude Code binary discovered on June 30, 2026, that the tool had been silently encoding hidden signals into its AI system prompts for at least three months ...
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, ...
EXCLUSIVE Pentera Labs’ red teamers compromised a developer’s AI agent via his Claude Desktop app and ultimately turned that access into full remote code execution on the devs ...
Opera's new Paste Protect feature defends against clipboard injection attacks like ClickFix that antivirus often misses.
Two critical Cursor IDE vulnerabilities, dubbed DuneSlide, let prompt injection break the editor's command sandbox with no ...
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
The “free” clipboard manager you just downloaded could be doing more than just copying and pasting text. Researchers recently found a new malware called PamStealer disguised as Maccy, a popular ...
Agentic coding tools vulnerable to command execution via DNS records ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results