Attackers can inject indirect prompts in normal-looking repositories to trick Claude Code into spawning a reverse shell.

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.

The popular product lifecycle management platform is under active exploitation for an RCE vulnerability that could put ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

OpenAI launches Patch the Planet to help open-source maintainers find, validate and fix software bugs with AI and human ...

OpenAI is now turning its Daybreak initiative into a defensive cybersecurity program that combines Codex updates, the GPT-5.5-Cyber release and partner access for approved organizations. As OpenAI ...

Cordyceps, a systemic class of exploitable CI/CD vulnerabilities, allows unauthenticated attackers to hijack developer ...

Companies must be capable of detecting malicious DLLs and vulnerabilities in software libraries to prevent early-stage ...

With a security initiative, OpenAI competes with Anthropic's Mythos and also offers a security review service for open-source ...

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...

The same day OpenAI announced the most significant expansion of its Daybreak cybersecurity initiative since the platform launched in May, intelligence agencies from all five nations of the Five Eyes ...

Patch the Planet’ pairs automated analysis with expert review to uncover and remediate vulnerabilities in core infrastructure ...