Agents


I Spent $500 To Test Devin For Prompt Injection So That You Don't Have To
Amp Code: Arbitrary Command Execution via Prompt Injection Fixed
Cursor IDE: Arbitrary Data Exfiltration Via Mermaid (CVE-2025-54132)
Anthropic Filesystem MCP Server: Directory Access Bypass via Improper Path Validation
Turning ChatGPT Codex Into A ZombAI Agent
Exfiltrating Your ChatGPT Chat History and Memories With Prompt Injection
The Month of AI Bugs 2025
Security Advisory: Anthropic's Slack MCP Server Vulnerable to Data Exfiltration
AI ClickFix: Hijacking Computer-Use Agents Using ClickFix