A vulnerability chain dubbed AutoJack in Microsoft’s AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing arbitrary commands on its host system ...

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...

IntroductionOn May 14, 2026, the Zscaler ThreatLabz team identified unusually high activity associated with the threat actor SmartApeSG to deploy malware. During our examination, we discovered ...

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...

Microsoft says it has detected new self-propagating malware that spreads through USB drives in search of cryptocurrency ...

The Windows-based CryptoBandits cryptocurrency clipper blends data exfiltration and remote code execution in a backdoor.

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...

A poisoned npm package infected 140+ projects with a hidden payload. This report highlights how to detect, hunt, and defend ...

With the proper setup and guidance, you can have Claude Code, Codex, Posit Assistant, and other coding agents writing R code ...

Microsoft’s AutoJack research shows how a malicious webpage rendered by an AI browsing agent can reach local MCP services and ...

What happened Microsoft warned about CryptoBandits, a Windows-based cryptocurrency clipper that also functions as a lightweight backdoor with data exfiltration and remote code execution capabilities.

Anthropic Product Manager and Anthropic engineer Boris Cherny in a video introducing Claude Code on Feb 24, 2025. Anthropic.com Anthropic's Boris Cherny has stopped writing prompts. The creator and ...