Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Microsoft

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

‘Leviticus’ Review: The Shocking Shapes That Love Can Take

In this Australian chiller, a conversion therapy ritual unleashes shape-shifting ghouls that take the form of desired ones.
The Hacker News

The Hacker News | #1 Trusted Source for Cybersecurity News

Threat actors are exploiting a recently patched security flaw impacting Gravity SMTP, a WordPress plugin that's installed on about 100,000 sites. The vulnerability, tracked as CVE-2026-4020 (CVSS ...
GitHub

alefragnani/vscode-pascal-formatter

Pascal Formatter is an open source extension created for Visual Studio Code. While being free and open source, if you find it useful, please consider supporting it ...
Dark Reading

Application Security

Explore the latest news and expert commentary on Application Security, brought to you by the editors of Dark Reading ...
GitHub

GitHub Copilot: Your AI pair programmer

Can users in my organization use Copilot code reviews for their pull requests if they don’t have a Copilot license? How does billing work for Copilot code review usage generated by users without a ...