Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
CNET

Malware Has Gotten Smarter. Here's How Your Antivirus Has, Too

Antivirus software used to hunt for known malware, but now it’s predicting suspicious behavior before an attack fully lands.
SecurityWeek

Over 100 NPM, PyPI Packages Hit in New Shai-Hulud Supply Chain Attacks

The most recent variants of the self-propagating attacks are named Miasma and Hades. New iterations of the Shai-Hulud supply chain attack have hit over 100 packages across the NPM and PyPI ecosystems, ...