'Claude DXT's container falls noticeably short of what is expected from a sandbox' LayerX, a security company based in Tel Aviv, says it has identified a zero-click remote code execution vulnerability ...

A new report out today from artificial intelligence security startup Cyata Security Ltd. details a critical remote code execution vulnerability in Cursor Inc.’s integrated development environment that ...

Docker patched a critical Ask Gordon AI flaw enabling code execution and data theft via malicious image metadata in version 4 ...

AI assistants apparently can't distinguish between instructions and data, and that is at the center of many zero-click prompt ...

Learn how Zero-Knowledge Proofs (ZKP) provide verifiable tool execution for Model Context Protocol (MCP) in a post-quantum world. Secure your AI infrastructure today.

The bug allows attacker-controlled model servers to inject code, steal session tokens, and, in some cases, escalate to remote code execution on enterprise AI backends. Security researchers have ...

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...

Google has disclosed that its Gemini artificial intelligence models are being increasingly exploited by state-sponsored hacking groups, signaling a major shift in how cyberattacks are planned and ...