Hackers can hijack ChatGPT, Claude, and Gemini with nothing but a sentence. OpenAI says the problem may never be fully solved.

The latest flare-up in the debate over AI-assisted coding did not come from a new model release or a benchmark result. It came from a single line of text buried inside a software update. Earlier this ...

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source ...

MuddyWater targeted 9 organizations in 9 countries during Q1 2026, using DLL side-loading to steal data and evade detection.

Ghost CMS SQL injection campaign has compromised 700+ websites — including Harvard University, Oxford University, and DuckDuckGo — using a CVSS 9.4 flaw to inject ClickFix malware lures that trick ...

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious ...

Two vulnerabilities are found in Cisco's Unity Connection. The more severe one allows authenticated attackers from the network to inject and execute malicious code via manipulated API requests to the ...

A security researcher, working with colleagues at Johns Hopkins University, opened a GitHub pull request, typed a malicious instruction into the PR title, and watched Anthropic’s Claude Code Security ...

SAN FRANCISCO, April 21, 2026 (GLOBE NEWSWIRE)-- Operant AI today announced the launch of CodeInjectionGuard, a new capability for its Agent Protector product that detects and blocks malicious code ...

Nearly 2,000 internal files were briefly leaked after ‘human error’, raising fresh security questions at the AI company Anthropic accidentally released part of the internal source code for its ...

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...