As enterprises rapidly embrace multimodal AI capable of understanding both text and images, security researchers are discovering that these powerful new capabilities introduce equally sophisticated ...
Mozilla 0DIN’s Claude Code demo shows how clean GitHub repos can expose AI coding agents to prompt injection, reverse shells, and credential risk.
As organizations rush to move AI into production, they’re finding that the tools they rely on to monitor traditional software ...
LayerX found that BioShocking could trick AI browsers into leaking credentials by disguising malicious prompts as game rules.
DeepKeep, the end-to-end AI security platform, today unveiled a new class of visual prompt injection vulnerability – dubbed 'InkJect,' a nod to the hidden 'ink' within images used to inject malicious ...
Sentire says attacks began June 29 against a CVSS 9.6 OS command injection flaw that enables unauthenticated code execution.
If you tend to copy/paste content from websites, you might be surprised to find yourself under the thrall of a ClickFix ...
Wireless file-sharing tools have become a standard feature on modern smartphones, allowing users to transfer photos, ...
LayerX tricked six AI browsers, including ChatGPT Atlas, Comet and Claude, into leaking user credentials by convincing them they were playing a game.
Anthropic has released the latest version of its mid-sized model, Sonnet 5, which the company claims is its most “agentic” yet. For developers writing agents to automate tedious and recurring tasks, ...
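In the save data feature of RPG Maker MV and MZ, the save data loading process does not properly handle crafted content, which may be exploited for OS command injection (CVE-2026-56137); if crafted save data is loaded, arbitrary OS commands may be executed.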
Part of the SD Times 100 2026 series. See the full SD Times 100 2026 list for every category and honoree. Application security has spent years maturing around a relatively stable assumption: a human ...