AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...

In yet another instance of threat actors quickly jumping on the exploitation bandwagon, a newly disclosed critical security flaw in BerriAI's LiteLLM Python package has come under active exploitation ...

LangChain and LangGraph patch three high-severity flaws exposing files, secrets, and conversation histories Vulnerabilities included path traversal, deserialization leaks, and SQL injection in SQLite ...

DuckDB Spec-OS for multi-org AI agent swarms. Central specification management, 280+ SQL macros, interactive agent REPL, MCP Apps, meta-learning, and smart extensions. src/agent_farm/ ├── cli.py # ...

Last month we released Julius, a tool that answers the question: “what LLM service is running on this endpoint?” Julius identifies the infrastructure. But identification is only the first step. The ...

App security outfit Checkmarx says automated reviews in Anthropic's Claude Code can catch some bugs but miss others – and sometimes create new risks by executing code while testing it. Anthropic ...

AI coding assistants introduce too many security flaws and should be a wake-up call for the industry, security researchers from Veracode warn. More often than not, the code will be functional but ...

Python remains the top choice for scripting, automation, and penetration testing in cybersecurity. Rust and Go are gaining traction for building secure, memory-safe, and high-performance systems. C ...

Multiple Fortinet FortiWeb instances recently infected with web shells are believed to have been compromised using public exploits for a recently patched remote code execution (RCE) flaw tracked as ...

Python remains the most versatile language for scripting and automation in ethical hacking. C and C++ are essential for low-level memory manipulation and reverse engineering. JavaScript and SQL are ...