The Hacker News

Claude Extension Flaw Enabled Zero-Click XSS Prompt Injection via Any Website

Claude extension flaw enabled silent prompt injection via XSS and weak allowlist, risking data theft and impersonation until ...

Cobalt Introduces New AI Capabilities for Continuous Pentesting

The Cobalt Platform also introduces compatibility with the Model Context Protocol (MCP), enabling AI assistants to securely interface with pentest data so security teams can query testing results, ...