ColdFusion 2023 Update 21, 2025 Update 10, and ACC v7 build 9397 fix code execution bugs; no exploits reported.
The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
CISA warned on Wednesday that attackers have begun exploiting a high-severity Microsoft SharePoint remote code execution ...
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
AWS launched Lambda MicroVMs, a new serverless compute primitive that runs each user session or AI agent in its own ...
Paradigm Shift has published a working exploit for Apple's A12 and A13 SecureROM. The flaw is in hardware, so no patch will ...
GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks.
Researchers found Cordyceps CI/CD flaws affecting 300+ repositories, enabling code execution, credential theft, and supply ...
Would you trust an AI agent to run unverified code on your system? For developers and AI practitioners, this question isn’t just hypothetical—it’s a critical challenge. The risks of executing ...
Grok Build autonomous coding agent gains /goal mode: xAI’s terminal agent now plans, executes, and self-verifies complex ...
A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google Calendar events. A newly disclosed flaw in Anthropic’s Claude Desktop Extensions ...