Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...

Polymarket hack stemmed from a compromised third-party vendor that injected malicious JavaScript into the platform’s frontend. Over 11 wallets lost PUSD on Polygon; stolen funds were bridged to ...

You can minimize the degree to which your browser spies on you, but potential hackers can use your own SSD against you and ...

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...

Mastra AI’s 144 JavaScript packages was executed in just 88 minutes by North Korea’s Sapphire Sleet hacking group, which ...

North Korean threat actor Sapphire Sleet has been linked to a supply chain attack targeting Mastra, according to Microsoft ...

JFrog found malicious npm packages that deploy a Windows RAT to steal Chrome credentials, run commands, and transfer files.

Figma Config 2026 closed Thursday with Code Layers for GitHub-linked canvas editing, Figma Motion in open beta with CSS and ...

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.