Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix maps every blind spot and fix.

Claude subscription billing changes June 15 as Anthropic moves Agent SDK and claude -p to a separate per-user credit of $20 ...

NEW YORK, June 09, 2026--3forge, whose real-time application engine is used by leading buy-side and sell-side financial institutions to support mission-critical workflows, today introduced 3forge ...

AI agent exploited Salesforce sites; 263 objects, 55 Apex methods exposed at one portal, leading to PII and file leaks.

Frame.io adds Japanese language support, Adobe Firefly asset integration, zero-click Premiere sign-in, and updated Python and TypeScript SDKs for V4.

Then imagine it replying: "Sorry, the website won't let me in." That's the quiet failure mode behind most AI agents today. They can think, but they can't really act on the live web — websites block ...

The Miasma supply chain campaign has sparked a fresh attack wave called Hades, this time involving 37 malicious wheel ...

A VS Code vulnerability in GitHub.dev lets attackers steal full GitHub OAuth tokens via a single malicious link, exposing all private repositories.

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP, simultaneously compromised Microsoft's durabletask Python ...

Over 100 NPM and PyPI packages were injected with malicious code in the Miasma and Hades Shai-Hulud supply chain attack ...

A github.dev flaw could let attackers steal GitHub OAuth tokens through a one-click attack, exposing private repositories and ...