CPO Magazine

Over 100 AI Coding Agents Taken Over Via New “Agentjacking” Attack

The new “agentjacking” attack takes almost no real hacking ability to pull off. It's predicated on pulling a public ...
GitHub

A lightweight, type-safe Dependency Injection (DI) library for JavaScript and TypeScript projects.

Needle DI is a lightweight, TypeScript-first library for dependency injection (DI). It is designed to be both easy to use and highly efficient. Permission is hereby granted, free of charge, to any ...
GitHub

AgentDyn: Are Your Agent Security Defenses Deployable in Real-World Dynamic Environments?

Hao Li, Ruoyao Wen, Shanghao Shi, Ning Zhang, Yevgeniy Vorobeychik, Chaowei Xiao. The official implementation of the paper "AgentDyn: Are Your Agent Security Defenses Deployable in Real-World Dynamic ...

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Chrome's WebMCP guidance warns that AI agents can be manipulated through the tools they are built to trust.
Biometric Companies

iBeta launches Injection Attack Detection testing against CENS/TS 18099

A new testing solution from iBeta Quality Assurance meets a growing need for evaluations of injection attack detection (IAD) products. The lab’s IAD testing launches today, and will be part of what ...
Ars Technica

Fed up with vibe coders, dev sneaks data-nuking prompt injection into their code

The controversy over vibe coding reached a new high this week after a developer added hidden instructions to his open source Java testing app to sabotage projects performed by AI coding agents. The ...