Google Chrome is warning developers that WebMCP tools can be used to manipulate and hijack AI agents. New guidance outlines ...

Tenet Security researchers reveal how new “agentjacking” attacks could trick coding agents into executing arbitrary code ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

Researchers have uncovered a supply-chain attack that hides in Python packages, propagates like a worm, and tricks LLM-based ...

Researchers at Cyera found six vulnerabilities in protobuf.js, including a flaw that can turn attacker-controlled schema data into executable code and expose downstream software supply chains. A ...

Aware, Inc. (NASDAQ: AWRE), a global leader in biometric orchestration, today announced substantial innovations to the Awareness Platform™. New offerings include expanded biometric ...

With the rise of AI coding assistants continuing apparently unabated, some project maintainers have begun striking back. Ars Technica reports on projects putting hostile directions into the ...

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...

This guide explores the fundamental concepts of JSON validation and cleaning, providing insights into structuring data and ...

At the DASH conference, Datadog presents new features for autonomous IT operations and AI security with Bits AI SRE, AI Guard ...