Attention: You are using an outdated browser, device or you do not have the latest version of JavaScript downloaded and so this website may not work as expected. Please download the latest software or switch device to avoid further issues.
| 16 Mar 2026 | |
| Written by Gabi Gerber | |
| Attacks & Threats |
A cybersecurity startup says its artificial intelligence agent needed just two hours to break into McKinsey & Company's proprietary generative AI platform, accessing millions of staff messages and thousands of files.
CodeWall published findings earlier this week, disclosing that it also could have rewritten the chatbot's core instructions after its agent exploited a SQL injection flaw.
The startup said its agent gained full read and write access to the production database underpinning McKinsey's AI platform Lilli, an internal platform the high-priced consultancy says could "rewire the way we operate." Roughly three quarters of the firm's more than 40,000 employees use it for strategy work, client research and document analysis. Read more...
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. More...
A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as ga… More...
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal o… More...
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestra… More...
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and t… More...
Microsoft has disclosed a new security vulnerability impacting on-premise versions of Exchange Server that it said has come under active exploitation in the wild. More...
A Nitrogen ransomware attack on Foxconn's North American facilities is one of 600 hits on manufacturers this year, as ga… More...
Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal o… More...
Cyber adversaries have long used AI, but now attackers are using large language models to develop exploits and orchestra… More...
A proof-of-concept exploit (PoC) shows how someone with admin privileges can exploit the issue to steal passwords, and t… More...
