7,000 Langflow servers are under attack. LangGraph and LangChain have the same holes

Attackers are actively exploiting path traversal and SQL injection in Langflow, LangGraph, and LangChain — below where your ...
Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
GitHub

The command-line tool that gives easy access to all of the capabilities of B2 Cloud Storage.

This program provides command-line access to the B2 service. b2 account Account management subcommands. b2 bucket Bucket management subcommands. b2 file File management subcommands. b2 ...
The Hacker News

ThreatsDay Bulletin: Claude Chat Abuse, NastyC2 npm Packages, Device-Code Phishing + 25 ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Python dev saved from disaster by intuition... and AI

Python developer Roman Imankulov nearly took the bait. The fact that he didn't can be chalked up to human intuition and AI ...
Tech Times

AI Coding Agent Skills Library Gives Any Tool 51 Senior Engineer Personas

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...
latesthackingnews.com

Reverse Shell Explained: Setup, Attack Chain, and Detection

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one

I've reviewed every PDF editor out there - then I had ChatGPT build me a better one ...
techtimes

AI Agent Security Hits Its Reckoning: Prompt Injection May Be a Permanent Flaw, Not a ...

Prompt injection is the technique of smuggling instructions to an AI agent through content the agent reads — a document, a calendar invite, a web page, a code comment — so that hostile text carries ...

Microsoft's intelligent terminal offers a separate AI-powered command-line experience

Microsoft's new Intelligent Terminal brings AI agents to the command line without changing the Windows Terminal experience ...
知乎专栏 on MSN

Kimi Code 换芯记:从 Python 到 TypeScript,一次被低估的终端 Agent 架构革命

Kimi 最近把 Agent 从 Python 转成了 Typescipt 和 pi-tui 的 kimi-code 新的 Agent,这个蛮有意思的,为什么 Kimi 要这么做。是跟着 Claude code 的步伐吗? 让我们看一下 Kimi-code 的结构变化 维度旧版 kimi-cli新版 kimi-code语言Python ...