Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
CISA added CVE-2026-45659 SharePoint Server RCE to KEV following confirmed exploitation, requiring U.S. agencies to patch by ...
Researchers have discovered two vulnerabilities in the widely used Cursor AI-enabled integrated development environment (IDE) ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Last Tuesday, Microsoft patched a vulnerability it rated as max critical in its M365 Copilot AI platform. On Monday, the researchers who discovered the vulnerability and reported it to Microsoft ...
Nightmare Eclipse Zero-Days: Three zero-day vulnerabilities disclosed by Nightmare Eclipse, complete with exploit code, were patched in the June 2026 update. RoguePlanet Release: Nightmare Eclipse ...
A new Windows zero-day reportedly bypasses BitLocker, adding pressure on Microsoft as researchers debate the exploit’s real-world impact. A new Windows zero-day has turned BitLocker, one of ...
Threat actors have begun exploiting a high-severity vulnerability in the popular low-code AI development platform Langflow, according to VulnCheck. Tracked as CVE-2026-5027 (CVSS score of 8.8), the ...
Security researcher Nightmare Eclipse has released a new Windows BitLocker bypass, only one day after publishing an exploit targeting Microsoft Defender. Named GreatXML, the fresh exploit allows users ...
The zero-day "nightmare" apparently isn't over for Microsoft, as a disgruntled researcher who's been feuding with the company for the past three months has dropped yet another proof-of-concept (PoC) ...
A security researcher known as Nightmare Eclipse has released a new Microsoft Defender zero-day exploit called “RoguePlanet” shortly after Microsoft reportedly decided not to pursue legal action ...