Microsoft

AutoJack: How a single page can RCE the host running your AI agent

Ongoing research into AI agent framework security identified an exploit chain in AutoGen Studio (AutoGen’s open-source prototyping user interface) that allows untrusted web content rendered by a ...
Developer Tech

OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes

OpenAI has deployed GPT-5.5-Cyber to execute automated open-source vulnerability remediation alongside security firm Trail of ...
theregister

Vercel debuts eve open source agent framework, tries to fix shadow AI with Passport

Vercel introduced an open source agent framework called eve at its Ship event in London this week, along with other new features including Passport, an attempt to put employee apps created with AI ...
InfoQ

Azure Functions Ships Serverless Agents Runtime at Build 2026

Azure Functions shipped a serverless agents runtime in public preview at Build 2026. Agents are defined in .agent.md markdown ...

Apple Outlines Major AI and Developer Tool Updates at 2026 Platforms State of the Union

Apple yesterday held its WWDC 2026 Platforms State of the Union, detailing a wide range of updates to its developer tools and platforms, headlined by a major expansion of the Foundation Models ...
Wired

A Hacker Group Is Poisoning Open Source Code at an Unprecedented Scale

A so-called software supply chain attack, in which hackers corrupt a legitimate piece of software to hide their own malicious code, was once a relatively rare event but one that haunted the ...

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...
Krebs on Security

Anti-DDoS Firm Heaped Attacks on Brazilian ISPs

A Brazilian tech firm that specializes in protecting networks from distributed denial-of-service (DDoS) attacks has been enabling a botnet responsible for an extended campaign of massive DDoS attacks ...
theregister

Tenstorrent’s Galaxy Blackhole AI servers escape the event horizon

Tenstorrent on Tuesday announced the general availability of its Galaxy Blackhole AI compute platform. Each of the startup's 6U systems is packed with 32 of the Blackhole accelerators we looked at ...
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A new threat actor is combining social engineering techniques, abuse of legitimate cloud infrastructure, and custom malware together to create what appears to be novel attack chain. Google Threat ...
InfoWorld

Hands-on with the Google Agent Development Kit

The Google ADK is a capable and mostly complete framework for developing agents, with support for multiple agent types, multi-agent architectures, and multiple programming languages. The Google Agent ...