Model Context Protocol (MCP) is an open standard allowing AI agents to securely connect to external tools and data sources ...
A cyber attack hit LiteLLM, an open-source library used in many AI systems, carrying malicious code that stole credentials ...
Overview: Recently, NSFOCUS Technology CERT detected that the GitHub community had disclosed a credential-stealing program in the new version of LiteLLM. Analysis confirmed that it had ...
In addition to rolling out patches to address two zero-days affecting SQL Server and .NET, Microsoft introduced Common Log File System hardening with signature verification.
OpenAI's Codex coding app is available on Windows after a period of exclusivity to macOS. The app is a hub where developers can manage multiple AI agents within a single project, allowing them to ...
This document applies MAESTRO Framework (7-layer Agentic AI Threat Model) to the OpenClaw codebase, identifying specific threats at each layer and detailing mitigation strategies based on the actual ...
Abstract: Ensuring secure and verifiable collaboration over shared filesystems remains a key challenge in multi-user environments. Existing systems offer integrity guarantees, but lack cryptographic ...
The path traversal bug allows attackers to include arbitrary filesystem content in generated PDFs when file paths are not properly validated. A now-fixed critical flaw in the jsPDF library could ...
The jsPDF library for generating PDF documents in JavaScript applications is affected by a critical vulnerability that allows an attacker to steal sensitive data from the local filesystem by ...
Users of the "@adonisjs/bodyparser" npm package are being advised to update to the latest version following the disclosure of a critical security vulnerability that, if successfully exploited, could ...
Similar to #138061 in Fedora, we have found out that the digest in JIT stencils in 3.15.0a2 differs. (Clarification edit: This is not a new bug in a2, we merely have not discovered it before.) Due to ...