Over 750,000 websites require patching following discovery of DotNetNuke XSS vulnerability ...

CVE-2026-42208 exploited within 36 hours of disclosure, exposing LiteLLM credentials, risking cloud account compromise.

ThreatDown’s EDR team discovered a sophisticated, multi-stage attack chain during an active investigation; the first documented case of attackers abusing the Deno runtime as a malware execution ...

Google's security team scanned billions of web pages and found real payloads designed to trick AI agents into sending money, ...

Google has analyzed AI indirect prompt injection attempts involving sites on the public web and noticed an increase in ...

The Bitwarden CLI NPM package compromise is tied to a Checkmarx supply chain attack and references the Shai-Hulud worm.

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...

Security leaders must adapt large language model controls such as input validation, output filtering and least-privilege access for artificial intelligence systems to prevent prompt injection attacks.

It is little surprise that biometric injection attacks have spiked, according to the latest Threat Intelligence Report 2026 from iProov. But behind the 741 percent overall annual increase is a shift ...