Cloudflare ended years of partner-only restrictions on Wednesday, opening self-managed OAuth 2.0 to every developer on its platform. The move eliminates the manual onboarding process that previously ...
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed. LiteLLM is a widely ...
TL;DR: OpenCode is an open-source, model-agnostic coding agent that runs in your terminal. You bring your own keys and point it at whatever model you like. Here is what it is, how it stacks up against ...
Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
The leaked bytes are the useful part. Squid reuses freed memory buffers without zeroing them, so a 4KB buffer that recently ...
Here’s an excerpt from this Cooley Alert penned by Beth Sasfai, Brad Goldberg, Michael Mencher, Vince Flynn, Victoria Peluso, Reid Hooper and ...
Okta introduced Cross App Access, or XAA, in June 2025 as a way to govern agent-to-app and app-to-app connections. Today’s ...
Squidbleed, discovered with the aid of Claude Mythos Preview, has been described as a Heartbleed-style vulnerability. Security researchers at Calif.io have disclosed a memory leak vulnerability in ...
Microsoft’s real competitor to Palantir Foundry is actually Microsoft Fabric + Fabric IQ, not Microsoft Foundry. Palantir has been doing Palantir things for over twenty years. Microsoft has been doing ...
This research is part of a joint initiative between the Cloud Security Alliance (CSA) and OWASP AI Exchange, building upon the previously published Agentic AI Red Teaming Guide. The objective of this ...