7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
TechRadar

What AI coding benchmarks still miss about software quality

A recent paper, SlopCodeBench: Benchmarking How Coding Agents Degrade Over Long-Horizon Iterative Tasks (Orlanski et al.), gets closer to that question than most benchmark work. Instead of scoring one ...
MUO on MSN

I stopped using cloud image editors after I found this self-hosted alternative

Cloud image editors are now much harder to justify.

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with running a seemingly benign GitHub repository could execute a malicious payload that is ...

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one ...
SecurityWeek

FFmpeg PixelSmash Flaw Allows RCE on Video Players, Media Servers, NAS Appliances

PixelSmash is a vulnerability in the FFmpeg framework that can be exploited via crafted media files for remote code execution ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

Microsoft fixes AutoGen Studio flaw that enabled code execution

A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers ...
Microsoft

One intrusion, two cyberattackers: Uncovering parallel threat activity

Microsoft DART uncovers dual threat actors in a single intrusion, revealing how blended tactics conceal attacks and ...
Decrypt

This AI Agent Survived 6,000 Hack Attempts—Here’s How

Developer Fernando Irarrázaval's AI agent experiment drew over 6,000 hack attempts from more than 2,000 attackers. No one ...