January 2026 was a wake-up month for enterprise security teams. In a single week, CERT-In released three high-severity ...

Researchers found an indirect prompt injection flaw in Google Gemini that bypassed Calendar privacy controls and exposed ...

The indirect prompt injection vulnerability allows an attacker to weaponize Google invites to circumvent privacy controls and ...

The Model Context Protocol (MCP) has quickly become the open protocol that enables AI agents to connect securely to external tools, databases, and business systems. But this convenience comes with ...

F5's Guardrails blocks prompts that attempt jailbreaks or injection attacks, and its AI Red Team automates vulnerability ...

A vulnerability in the AIOSEO plugin affecting up to 3 million installations adds to the six vulnerabilities found in 2025.

The latest update from Microsoft deals with 112 flaws, including eight the company rated critical — and three zero-day exploits. Ninety-five of the vulnerabilities affect Windows.

Over three decades, the companies behind Web browsers have created a security stack to protect against abuses. Agentic browsers are undoing all that work.

HackerOne has released a new framework designed to provide the necessary legal cover for researchers to interrogate AI systems effectively.

Office workers without AI experience warned to watch for prompt injection attacks - good luck with that Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new ...