I've reviewed every PDF editor out there - then I had ChatGPT build me a better one ...

On June 24, 2026, Microsoft’s Digital Crimes Unit (DCU) facilitated the takedown, suspension, and blocking of domains that ...

AI coding agent skills library claude-skills ships 345 free, MIT-licensed packages for Claude Code, Codex, Cursor, Gemini CLI ...

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...

A three-CVE chain lets any default LiteLLM user escalate to admin and get a shell on the gateway server. A separate RCE is ...

TL;DR Introduction At the start of this year, I wrote a blog on how 2025 was the ‘year of the infostealer’, and it doesn’t ...

A reverse shell makes the target machine initiate the connection back to the attacker, bypassing firewalls that only filter ...

ThreatsDay Bulletin covers AI abuse, poisoned packages, phishing, macOS attacks, SD-WAN flaws, scams, and supply-chain ...

OpenAIは6月19日、macOS版のAIエージェント「Codex」アプリに、繰り返しの作業を実演して教えられる新機能「Record＆Replay」を発表した。自動化したい操作を一度やって見せると、Codexがそれを再利用できる「スキル」に変換する ...

Prompt injection is the technique of smuggling instructions to an AI agent through content the agent reads — a document, a calendar invite, a web page, a code comment — so that hostile text carries ...

This didn't matter much, but with the current SSD prices, it does again ...

This week’s recap covers exploited flaws, supply chain attacks, phishing kits, AI lures, macOS stealers, urgent CVEs, tools, ...