The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Fox Tempest is a financially motivated threat actor operating a malware‑signing‑as‑a‑service (MSaaS) used by other ...

Vercel Labs released Zero on May 15, 2026 — a low-level systems programming language whose compiler was built from the ground ...

I started this as a side project, but my Windows Command Center suddenly became useful.

Weekly ThreatsDay Bulletin: supply chain attacks, fake support lures, AI tampering, data leaks, ransomware, and exploited ...

TeamPCP’s Mini Shai-Hulud campaign used hijacked GitHub OIDC tokens to spread a credential-stealing worm through TanStack npm ...

A fake repository mimicking OpenAI’s Privacy Filter on Hugging Face accumulated ~244,000 downloads before being removed. It delivered a multi-stage Rust infostealer ...

Whether you want simple fire-and-forget alerts or full two-way control, here's how to securely wire your AI agent into Slack.

Recently, I have been hard at work, creating some really complex PowerShell scripts related to a few projects that I have been working on. One of the big lessons that I have learned through all of ...

ESP-Claw turns your ESP32 into a full fledged AI agent, with web search and Telegram support.

The post How Escape AI Pentesting Exploited SSRF in LiteLLM appeared first on Escape – Application Security & Offensive Security Blog. At Escape, we routinely test the AI infrastructure that teams ...

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...