Instructure, the parent company of Canvas, said in an online post that it “reached an agreement with the unauthorized actor ...

Traditional attacks try to break into systems, but model poisoning changes how systems behave after they are trusted.

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...

Buzur is an open-source 24-phase scanner that protects AI agents and LLM applications from indirect prompt injection attacks (OWASP LLM Top 10 #1). It inspects web content, URLs, images ...

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in Capsule Security's testing, data exfiltrated anyway. Here's what security ...

The explosion of generative artificial intelligence (AI) tools has provoked both hopes and anxieties about the potential benefits and harms of this technology. In advanced economies, people are almost ...

CERT-EU has attributed a major data breach at the European Commission to cybercrime group TeamPCP, which exploited a supply chain attack on the open-source security tool Trivy to steal 92 GB of ...

The European Union’s cybersecurity agency said Thursday that a recent hack and data breach at the EU’s executive body was the work of a cybercriminal group known as TeamPCP. In a new report, CERT-EU ...

The vast data centers that power artificial intelligence guzzle huge amounts of energy but they also have another alarming impact, according to new research. They are creating “heat islands,” warming ...

EDITOR’S NOTE: If you or someone you know is struggling with substance abuse, you can call the US Substance Abuse and Mental Health Services Administration’s National Helpline at 1-800-662-HELP (4357) ...

The OWASP Agentic Top 10 provides a taxonomy for risks in agentic AI systems. A practical challenge many teams face is translating these risk categories into concrete runtime controls that operate ...