Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file trigger arbitrary memory reads — affecting Ollama, LM Studio, and every local ...
DockSec correlates findings from container security scanners and uses AI to generate remediation guidance and exact Dockerfile fixes.
The OWASP-backed tool scans JavaScript and TypeScript lockfiles locally, aiming to help developers catch and remediate dependency risks before CI failures.
Anthropic says its Claude Mythos model discovered thousands of severe vulnerabilities across more than 1,000 OSS projects.
A GitHub employee installed a routine VS Code extension update, handing cybercrime group TeamPCP enough access to exfiltrate ...
The zero-day-to-n-day collapse is no longer theoretical, as demonstrated by CVE-2026-39987 in Marimo, which saw initial exploitation occur just nine hours and 41 minutes after disclosure without a ...
Four supply-chain attacks hit OpenAI, Anthropic, and Meta in 50 days — none inside the model. A 7-row matrix maps what AI ...
On May 11, the same day Google’s Threat Intelligence Group disclosed the first confirmed case of attackers using AI to build ...
SAN FRANCISCO--(BUSINESS WIRE)--depthfirst, an applied AI lab on a mission to secure the world’s software, today announced the launch of the depthfirst Open Defense Initiative (the “Initiative”).
A cybercriminal group came close to launching a mass attack earlier this year, armed with a software exploit that an AI model ...
Google's Threat Intelligence Group said hackers are using AI models such as OpenClaw to uncover and exploit zero-day software vulnerabilities. The group said in a report that it had uncovered and ...