Microsoft’s Agent Governance Toolkit brings runtime policy enforcement to autonomous agents, based on the OWASP top 10 agent ...

Google says attackers are using AI for zero-day research, malware development, reconnaissance, and access to premium AI tools.

The deal gives Anthropic tighter control over how developers connect Claude to software and business systems as AI vendors ...

Shares of cloud security and performance company Cloudflare (NYSE:NET) jumped 8% in the afternoon session after cloud ...

The ChromaToast vulnerability can be exploited by forcing the ChromaDB API server to fetch and load maliciously crafted AI ...

Why it matters: Automating security tasks reduces human error, speeds up detection, and ensures consistent reporting for vulnerability management, compliance, and proactive threat mitigation. What’s ...

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...

Storm-2949 turned stolen credentials into a cloud-wide breach, moving from identity compromise to large-scale data theft ...

TrapDoor spread 34 malicious packages across npm, PyPI, and Crates.io, stealing developer credentials and enabling persistence.

GGUF parser vulnerabilities disclosed May 15, 2026 include a critical integer overflow that lets any malicious model file trigger arbitrary memory reads — affecting Ollama, LM Studio, and every local ...

Organizations need to internalize a simple principle: Calling an LLM API is a data transfer. You're trusting the provider with every piece of information included in that context window. The data ...

With Flash GA, the company is attempting to transition from being a provider of raw compute to becoming the essential orchestration layer for the AI-first cloud.