There’s no rogue McDonald’s AI bot, but ‘prompt injection’ is still a risk for companies

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
GovInfoSecurity

Flurry of Supply-Chain Software Library Attacks

As supply-chain attacks against widely-used, open-source software repositories continue, experts are urging developers to not ...
Dark Reading

Bad Memories Still Haunt AI Agents

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Another npm supply chain worm is tearing through dev environments

Yet another npm supply-chain attack is worming its way through compromised packages, stealing secrets and sensitive data as ...

Talking to AI agents is one thing — what about when they talk to each other? New startup Band debuts 'universal orchestrator'

Already, BAND's early users — and enterprises more broadly — are mixing and matching AI agents powered by models from various ...
eWeek

The Prompt Engineering Cheat Sheet: How to Write Better AI Prompts

Learn prompt engineering with this practical cheat sheet covering frameworks, techniques, and tips to get more accurate and ...
American Banker

Unpatched AI flaw poses risk to banking sector

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...

AI safety risk: How Best-of-N jailbreaking bypasses safeguards

A simple brute-force method exploits AI randomness to generate restricted outputs. Here’s how it puts your data, brand, and ...
The Next Web

Google just launched its agentic enterprise play, and it runs from chip to inbox

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.