Introduction We recently found ourselves looking into OpenText Directory Services (OTDS). We had seen it present on our customer's attack surface, and it seemed to be an interesting target. OTDS is a Java web application providing authentication and user…

Explore Lasso’s prompt injection taxonomy, distinguishing text-based techniques from attacker intent to standardize AI security defenses.

Explore Lasso’s prompt injection taxonomy, distinguishing text-based techniques from attacker intent to standardize AI security defenses.

Eye Security explores an indirect prompt injection risk in OpenClaw’s WebSocket logging, explains what an exploit might look like, and highlights context, impact, responsible disclosure, and practical next steps for secure AI assistant deployments.

Complete timeline of every OpenClaw CVE, the ClawHavoc malware campaign, 42,000+ exposed instances, the Moltbook leak, and how to deploy safely.

How AI coding assistants are causing developers to leak credentials to public GitHub repositories and what you can do about it.

In a lawsuit on Thursday, the city attorney said tracking was used not just for local forecasts but also for commercial purposes like targeted marketing.

Learn how AI-powered scams work, the latest 2026 statistics on deepfake and voice cloning fraud, and how enterprises detect AI-enabled social engineering attacks.

Acronis' Threat Research Unit (TRU) has uncovered a malware campaign, dubbed CRESCENTHARVEST, potentially targeting supporters of Iran's ongoing protests with the goal of information theft and long-term espionage.

A platform for hosting realistic Android CTF hacking challenges. DroidGround provides fine-grained control, real-time device interaction, Frida scripting, Team based workflows and customizable exploitation scenarios.

Clinejection — Compromising Cline's Production Releases just by Prompting an Issue Triager - Security research by adnanthekhan