Fake Bug Report Hijacks AI Coding Agents at Scale
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
Verizon's 2026 Data Breach Investigations Report (DBIR) finds that exploits are now involved in 31% of initial access for breaches, while patching lags too far behind the bad guys.
In a new report from the Cloud Security Alliance (CSA), experts warn of an "AI vulnerability storm" triggered by the introduction of Anthropic's Claude Mythos.
Though the information regarding the exploits is limited, the company did report that Intel-based Mac systems have been targeted by cybercriminals looking to exploit CVE-2024-44308 and CVE-2024-44309.
The Office of the National Cyber Director technical report focuses on reducing memory-safety vulnerabilities in applications and making it harder for malicious actors to exploit them.
New research also analyzes the commoditization of adversary-in-the-middle attacks, JavaScript obfuscation in exploit kits, and a malware family with Gothic Panda ties.
New open source Cloud Hunter tool, developed through Lacework Labs research, helps customers get better visibility to reduce response times for incident investigations.
A widespread attack is underway to exploit known RCE flaw in Tatsu Builder WordPress plug-in, according to a new report.