Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
The Hacker News

Windows Phone Link Exploited by CloudZ RAT to Steal Credentials and OTPs

CloudZ RAT exploits Phone Link since Jan 2026, stealing credentials and OTPs via Pheno plugin, bypassing 2FA protections.

Ars Asks: Share your shell and show us your tricked-out terminals!

Exposure therapy to the bash shell brought me to the tipping point, and I jumped ship to the Macintosh side of the house. It ...

Trojan abuses Microsoft Phone Link app to steal your passwords

The CloudZ Trojan steals data through Microsoft Phone Link. The campaign has been active since at least January 2026.  Follow ...