Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Two critical Cursor IDE vulnerabilities, dubbed DuneSlide, let prompt injection break the editor's command sandbox with no ...
A critical prompt injection vulnerability in GitHub Agentic Workflows could allow unauthenticated attackers to leak private repository data, ...
Ubiquiti has released security updates to patch seven critical vulnerabilities in UniFi OS, including a maximum-severity flaw ...
Fortinet released three security advisories on the second Tuesday of the month, commonly known as “Patchday” by other vendors. One concerns a critical security vulnerability in FortiSandbox; the other ...
Heckmeck about security vulnerabilities with the highest risk rating in Ivanti's Sentry: CISA, and some IT security companies warn of ongoing attacks. Ivanti downplays it, saying they are just ...
A prompt injection attack can trick GitHub’s preview Agentic Workflows into retrieving content from private repositories and ...
In 2025 and 2026, several independent sources have highlighted the same trend: Prompt injection remains one of the most ...
SentinelOne says macOS.Gaslight uses prompt injection to mislead AI-based malware analysis, steal data, and use Telegram for ...
A 16-year-old Linux KVM flaw (CVE-2026-53359) dubbed Januscape can allow attackers to escape virtual machines and execute ...
Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft ...
Researchers from Politecnico di Torino and CEA-List published a technical paper titled “InjectV: Modeling Fault Injection Attacks in RISC-V Simulation Environment.” “Fault Injection Attacks (FIAs) are ...