A flaw in Hugging Face Transformers could allow malicious AI models to execute code, exposing credentials and highlighting AI supply chain risks. Organizations using vulnerable versions of the Hugging ...
Researchers warn AI agents could be tricked into downloading malicious code by exploiting hallucinations that cause chatbots ...
EXCLUSIVE Pentera Labs’ red teamers compromised a developer’s AI agent via his Claude Desktop app and ultimately turned that access into full remote code execution on the devs ...
Frontier AI models are outrunning the benchmarks built to measure their hacking skills, just as a 1 August US deadline for new testing standards looms.
Sysdig's JadePuffer case is billed as the first ransomware attack planned and executed end to end by an AI agent, with no human directing it.
A team of security researchers chained two vulnerabilities in LiteLLM, the popular open-source proxy that routes enterprise traffic to large language model providers, and walked away with arbitrary ...
A zero-click flaw in Anthropic’s Claude Desktop Extensions allows attackers to trigger remote code execution via Google Calendar events. A newly disclosed flaw in Anthropic’s Claude Desktop Extensions ...
CyberGym benchmark scores over time, showing the rapid improvement in AI vulnerability discovery capabilities. Microsoft’s multi-model MDASH system (top right) tops the leaderboard at 88.4%. (CyberGym ...
As part of the effort to push Large Language Model (LLM) ‘AI’ into more and more places, Anthropic’s Model Context Protocol (MCP) has been adopted as the standard to connect LLMs with various external ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results