6 specialized AI subagents for penetration testing. Plan engagements, analyze recon, research exploits, build detections, check STIGs, and write reports -- all through Claude Code.

We gave our AI agent admin access to production infrastructure. Then we tried to trick it into leaking everything. Here's what happened.

Sequels? Pain? We're obviously talking about Citrix NetScalers, yet again.

Welcome back to another watchTowr Labs blog post - pull up a chair, we always welcome new members to our group therapy sessions.

If you asked a C programmer what they most dislike…

How the PhishU Framework simulates Microsoft Entra device code phishing with silent token capture, live notifications, and Token Explorer follow-on actions.

Learn how attackers hide malware inside WAV audio files using steganography, based on the real-world TeamPCP supply chain campaign.

Today, we woke up with a nagging feeling: what if Citrix had, in fact, patched multiple Memory Overread vulnerabilities as part of CVE-2026-3055?

While we've been using our analysis from Part 1 (please read it first, as this post will be brief) to accurately…

AI middleware shouldn’t be a data drain. Cyera uncovers 3 critical LangChain vulnerabilities. See the research and learn how to patch your AI stack now.

Supply chain attacks cascade through ecosystems in ways traditional metrics hardly capture. GitGuardian evaluates the PCP Team incidents and finds damage spread to thousands of public targets.

Collaborative threat intelligence note-taking platform

Postural manipulation as a new attack class. Empirical record across four frontier models, propagation findings, six-layer defensive architecture. AG Davidson, 2026.

Break your AI agents before someone else does. Security scanning for system prompts, MCP servers, and AI coding agents.

A Claude Code Agent Dashboard

BeyondTrust Phantom Labs disclosed a critical command injection vulnerability in OpenAI Codex that allowed attackers to steal GitHub OAuth tokens through unsanitized branch names. The flaw affected ChatGPT, Codex CLI, SDK, and IDE extensions, and could scale…

Containers, VMs, and serverless were built for code you wrote. Agents write their own.

Axios NPM packages v1.14.1 and v0.30.4 compromised. Malicious plain-crypto-js@4.2.1 dependency injected. Full technical breakdown

A team of cybersecurity students from the University of North Georgia vanquished seven opposing teams from other senior military colleges and elite service

How pwn.ai turned a routine client pentest into multiple ImageMagick exploits. By autonomously researching the product’s internals for days, it found a path from a single image upload to file leaks, security policy bypasses, and remote code execution across…

If you think you’ve blocked NTLMv1 in your organization, think again. Silverfort’s research team recently discovered that attackers bypass the Group Policy designed to disable NTLMv1…