Sysdig says JADEPUFFER used CVE-2025-3248 in Langflow to automate intrusion, credential theft, encryption, and data wipe.
Claude's prompt injection attack surface extends far beyond chat. Skills execute with system-prompt authority. Web content flows into agent reasoning without trust boundaries. MCP servers bridge ...
Claude AI helped a security researcher exploit a SQL injection flaw in Front Gate Tickets, Live Nation's festival ticketing platform. The vulnerability exposed 500+ database tables, employee ...
As enterprises rapidly embrace multimodal AI capable of understanding both text and images, security researchers are discovering that these powerful new capabilities introduce equally sophisticated ...