While the AI itself wasn’t weaponized, the technique raises concerns about AI agents with broad system access.

Researchers say an AI-powered code scanner traced untrusted data across layers of OpenClaw, exposing exploitable weaknesses ...

OpenClaw has patched six new vulnerabilities in its popular agentic AI assistant, covering server-side request forgery (SSRF) ...

Modern PDF platforms can now function as full attack gateways rather than passive document viewers.

Researcher uncovers a critical SSRF vulnerability in ChatGPT’s Custom GPT “Actions” feature, risking exposure of internal cloud credentials. Exploit allowed access to Azure Instance Metadata Service, ...

OWASP has added two new categories to the revised version of its Top 10 list of the most critical risks to web applications. The Open Web Application Security Project (OWASP) has released a revised ...

You expect the guardians at the gate of any system to keep attacks out; you don’t expect them to turn against internal systems and networks and ravage those on behalf of threat actors. Yet that’s what ...

Model Context Protocol, or MCP, is arguably the most powerful innovation in AI integration to date, but sadly, its purpose and potential are largely misunderstood. So what's the best way to really ...

From AI-powered ransomware and business email compromise to the resurgence of Server-Side Request Forgery (SSRF) attacks, attackers are utilizing generative tools to automate reconnaissance, exploit ...

A 36-year-old Yemeni national, who is believed to be the developer and primary operator of 'Black Kingdom' ransomware, has been indicted by the United States for conducting 1,500 attacks on Microsoft ...

Abstract: Amid the escalating wave of cybersecurity threats, server-side request forgery (SSRF) has emerged as a critical concern, presenting significant risks to organizations. This paper undertakes ...