CVE-2026-49188

The aicmd utility executes with full root permissions. It pipes socket inputs directly to popen, paving the way for unauthenticated users to execute arbitrary root commands...

CVE-2026-26133

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

EUVD-2026-12111

AI command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

Researchers Show Copilot and Grok Can Be Abused as Malware C2 Proxies

Cybersecurity researchers have disclosed that artificial intelligence AI assistants that support web browsing or URL fetching capabilities can be turned into stealthy command-and-control C2 relays, a technique that could allow attackers to blend into legitimate enterprise communications and evade...

EUVD-2025-18114

Malicious code in bioql PyPI...

CVE-2025-55319

Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...

CVE-2025-55319

Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to execute code over a network...

Zero-Click AI Vulnerability Exposes Microsoft 365 Copilot Data Without User Interaction

A novel attack technique named EchoLeak has been characterized as a "zero-click" artificial intelligence AI vulnerability that allows bad actors to exfiltrate sensitive data from Microsoft 365 M365 Copilot's context sans any user interaction. The critical-rated vulnerability has been assigned the...

CVE-2025-32711

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...

M365 Copilot Information Disclosure Vulnerability

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over a network...