YubiKey Manager: Security vulnerability allows execution of injected code

Yubico warns of a search path vulnerability in YubiKey Manager, libfido2 and python-fido2. Updates fix the bugs.

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Verdict on MSN

Is 'nearly right' AI generated code becoming an enterprise business risk?

Code that might appear correct but actually misses edge cases or generates inaccurate results can trigger outages, faulty ...
Crypto Briefing

AI coding agents hacked via prompt injection, impacting Google and Anthropic markets

AI coding agents from Anthropic and Google were hacked, leading to a drop in confidence; Google’s top AI model by June 2026 ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...
Dark Reading

Microsoft, Salesforce Patch AI Agent Data Leak Flaws

Two recently fixed prompt injections in Salesforce Agentforce and Microsoft Copilot would have enabled an external attacker ...
Cybernews

AI agents targeted via routers to inject payloads and steal your secrets

As AI agents increasingly rely on third-party API routers, criminals are using this dependence to trick users and inject malicious code into their machines.