Decrypt

Claude Code Vulnerability Could Let Attackers Steal Credentials From GitHub, Says Microsoft

Researchers say prompt injection attacks could manipulate AI coding agents to access sensitive credentials stored in software ...
The Hacker News

LangGraph Flaw Chain Exposes Self-Hosted AI Agents to Remote Code Execution

Three patched LangGraph flaws could let attackers chain SQL injection and unsafe deserialization for RCE in self-hosted ...

Oracle issues out-of-band warning about critical PeopleSoft code injection flaw

Oracle is closing a critical code injection vulnerability in PeopleSoft with an update outside of its usual schedule.
CIO

Enterprises know AI-generated code is vulnerable; they’re shipping it anyway

As AI systems discover and exploit flaws at unprecedented speed, organizations are still deploying software they know ...
CSOonline

Open source vulnerability scanner found with a serious vulnerability in its own code

The flaw could allow attackers to bypass Nuclei’s template signature verification process to inject malicious codes into host systems. A widely popular open-source tool, Nuclei, used for scanning ...

Google posts Chromium browsers' proof-of-concept exploit code without a fix

Chrome, Edge, Brave, Opera, and other Chromium-based browsers could reportedly be exposed to abuse after Google accidentally revealed exploit code for an unfixed vulnerability ...
TechSpot

Microsoft's June Patch Tuesday fixes a record 200 vulnerabilities, including five being actively exploited

In a nutshell: On the second Tuesday of every month, Microsoft addresses the overall security of its many software products. The Patch Tuesday tradition has continued for more than 20 years, but the ...