Analysis of an AI Agent Data Exfiltration Vulnerability via MCP Tool Description Poisoning
Your AI Agent Is Being Fed Lies, and Your Logs Won't Tell You
A single XSS can kill your startup
AI may be good at finding security vulnerabilities, but it can't beat human stupidity
Polymarket Hack: How Third-Party Vendors Risk Your Crypto
A Rogue Registry in My Own Backyard: Anatomy of a Two-Line Supply Chain Attack
AI Coding Agents Are the New Attack Surface Nobody's Ready For
Detecting Supply-Chain Malware Without Running the Code
Analysis of a 1.68MB High-Density RAT Infiltration Chain Using patch-package and WASM
A 96-Hour Breach Caused by a Cascading Trust Collapse in an Autonomous AI Security System
How Malicious MCP Configs in Amazon Q Developer Could Execute Arbitrary Code — and How to Stop It
Miasma campaign poisons 20-plus npm packages, hunts for developer secrets
Nation-State Actors Are Now Targeting Your AI Agent's npm Packages
26,000 Agents Fooled by a Fake Skill
npm Supply Chain RAT: PostCSS Impersonation & Dependency Confusion
Security shops among the 'hundreds' of Klue hack victims
North Korean Hackers Poisoned 140+ npm Packages in an AI Dev Tooling Attack. Here's What Would Have Caught It.
VS Code 1.123 Adds Two-Hour Extension Update Delay to Limit Supply Chain Attacks
Python dev saved from disaster by intuition...and AI
Gamers beware: malicious wallpapers on Steam found stealing accounts
Detecting RCE Backdoors via npm prepare Scripts and Defending with a VPS Sandbox