Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

Adversaries hijacked AI security tools at 90+ organizations. The next wave has write access to the firewall

Autonomous SOC agents now shipping can rewrite firewall rules and modify IAM policies — outpacing the governance frameworks ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.
Dark Reading

Surge in Bomgar RMM Exploitation Demonstrates Supply Chain Risk

The critical remote code execution flaw (CVE-2026-1731) in the remote monitoring and management tool can be exploited to ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...