[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"tag:ai-security":3},{"tag":4,"articles":8,"awareness":456,"events":457,"tips":458,"focus_items":470,"total_count":471},{"slug":5,"name":6,"description":7},"ai-security","AI Security",null,[9,18,26,35,44,53,62,71,80,89,98,107,116,125,134,143,152,161,170,179,188,197,206,215,224,233,241,250,259,268,277,286,295,303,312,321,330,339,348,357,366,375,384,393,402,411,420,429,438,447],{"id":10,"title":11,"slug":12,"brief":13,"ai_summary":14,"url":15,"image_url":16,"published_at":17},"971838a3-7c15-45ba-85b7-e1d3fcaac759","AI Has Taken Over Open Source","ai-has-taken-over-open-source-079c96","AI-generated packages surge exponentially on npm, reshaping open source production and consumption.","Socket's analysis reveals AI coding tools have fundamentally transformed npm's ecosystem, driving a 10x increase in package creation since January 2026, identifiable by linguistic markers like em dashes. Simultaneously, AI-generated pull requests are overwhelming maintainers, while AI-driven dependency selection has made the software supply chain largely automated and opaque, creating significant supply-chain security risks that require automated scanning rather than manual review.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fai-has-taken-over-open-source?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F28afd79494a5eae74cf7afee8124384497cef27a-1672x941.png?w=1000&q=95&fit=max&auto=format","2026-05-22T14:22:05.743+00:00",{"id":19,"title":20,"slug":21,"brief":22,"ai_summary":23,"url":24,"image_url":7,"published_at":25},"11693fbc-af4a-45ff-951d-6911116ee995","macOS Kernel Memory Corruption Exploit - Schneier on Security","macos-kernel-memory-corruption-exploit-schneier-on-security-b53cb4","Researchers used Anthropic's Mythos AI to discover and exploit macOS kernel memory corruption flaw on Apple M5.","A research group leveraged Anthropic's Mythos AI model to identify and develop an 
exploit for a kernel memory corruption vulnerability affecting Apple's M5 chip architecture. The incident highlights the dual-use nature of AI-assisted security research, where advanced language models can accelerate both defensive and offensive vulnerability discovery. This marks a notable shift in how emerging AI capabilities are being applied to low-level system exploitation.","https:\u002F\u002Fwww.schneier.com\u002Fblog\u002Farchives\u002F2026\u002F05\u002Fmacos-kernel-memory-corruption-exploit.html","2026-05-21T16:03:37+00:00",{"id":27,"title":28,"slug":29,"brief":30,"ai_summary":31,"url":32,"image_url":33,"published_at":34},"0b73095a-cc81-4592-84a2-06a9e207040c","Socket raises $60M Series C at a $1B valuation to secure software supply chains for AI-driven development","socket-raises-60m-series-c-at-a-1b-valuation-to-secure-software-supply-chains-fo-121e20","Socket raises $60M Series C at $1B valuation to defend software supply chains against AI-era attacks.","Socket, a software supply chain security platform, has closed a $60 million Series C funding round at a $1 billion valuation led by Thrive Capital. The company has grown to protect over 20,000 organizations and blocks more than 1,000 supply chain attacks weekly. 
The funding will support expansion of Socket Firewall, Certified Patches, and new products to defend against escalating open source attacks driven by AI-accelerated development.","https:\u002F\u002Fsocket.dev\u002Fblog\u002Fseries-c?utm_medium=feed","https:\u002F\u002Fcdn.sanity.io\u002Fimages\u002Fcgdhsj6q\u002Fproduction\u002F0337b9076a72c4bce75f310faa268cc504690409-1920x1080.png?w=1000&q=95&fit=max&auto=format","2026-05-20T15:25:11.368+00:00",{"id":36,"title":37,"slug":38,"brief":39,"ai_summary":40,"url":41,"image_url":42,"published_at":43},"26a7eaa6-5b42-4532-8b8f-a309bbe132c3","Verizon DBIR: AI Helped Hackers Exploit Vulnerabilities in 31% of Recent Breaches","verizon-dbir-ai-helped-hackers-exploit-vulnerabilities-in-31-of-recent-breaches-451b50","Verizon DBIR 2026: AI exploited software vulnerabilities in 31% of breaches, compressing exploit timelines from months","Verizon's 2026 Data Breach Investigations Report analyzed 31,000 incidents and 22,000 breaches across 145 countries, revealing that software vulnerabilities have overtaken stolen credentials as the primary attack vector for the first time in 19 years. Generative AI is enabling attackers to weaponize vulnerabilities within hours instead of months, significantly reducing the defensive window. 
Additional findings include a 60% surge in supply chain breaches, a North Korean identity fraud campaign using 15,000 stolen identities, and tripled employee use of unapproved shadow AI tools increasing data exfiltration risks.","https:\u002F\u002Fhackread.com\u002Fverizon-dbir-ai-hackers-exploit-vulnerabilities-breaches\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fverizon-dbir-ai-hackers-exploit-vulnerabilities-breaches-2.png","2026-05-20T12:32:37+00:00",{"id":45,"title":46,"slug":47,"brief":48,"ai_summary":49,"url":50,"image_url":51,"published_at":52},"5034ac4a-5089-474b-a2f0-5dc09fa299a9","Breach entry point, 2026 DBIR finds | About Verizon","breach-entry-point-2026-dbir-finds-about-verizon-b1d772","Verizon's 2026 DBIR finds vulnerability exploitation now top breach entry point, surpassing stolen credentials.","Verizon's 19th annual Data Breach Investigations Report reveals that vulnerability exploitation (31%) has for the first time surpassed stolen credentials as the leading breach entry point, accelerated by AI that compresses exploitation timelines from months to hours. 
The report also highlights emerging risks including a 40% increase in mobile social engineering success, employee shadow AI use tripling to 45%, third-party supply chain breaches jumping 60%, and AI bot traffic growing 21% monthly—collectively reshaping threat landscapes and demanding urgent security resilience priorities.","https:\u002F\u002Fwww.verizon.com\u002Fabout\u002Fnews\u002Fbreach-industry-wide-dbir-finds","https:\u002F\u002Fss7.vzw.com\u002Fis\u002Fimage\u002FVerizonWireless\u002Fnews-dbir-1920x1280%20(1)?resMode=sharp2&scl=1","2026-05-19T20:21:35+00:00",{"id":54,"title":55,"slug":56,"brief":57,"ai_summary":58,"url":59,"image_url":60,"published_at":61},"983213ad-45be-4b76-a99e-d62fdf727cde","Pwn2Own Berlin 2026 Closes With $1.3 Million in Zero-Day Payouts","pwn2own-berlin-2026-closes-with-1-3-million-in-zero-day-payouts-2ee4c4","Pwn2Own Berlin 2026 concludes with 47 zero-day exploits demonstrated and $1.3M in payouts.","The Pwn2Own Berlin 2026 hacking competition concluded on May 16, 2026, with researchers demonstrating 47 unique zero-day vulnerabilities across enterprise software and AI platforms, earning $1.298M in total payouts. DEVCORE from Taiwan won the Master of Pwn title with $505K, with major exploits targeting Microsoft Exchange, VMware ESXi, SharePoint, Windows 11, and AI assistants like OpenAI Codex and Anthropic Claude. 
Vendors have 90 days to patch before ZDI publicly discloses technical details.","https:\u002F\u002Fhackread.com\u002Fpwn2own-berlin-2026-closes-zero-day-payouts\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fpwn2own-berlin-2026-closes-zero-day-payouts-2.jpg","2026-05-19T15:59:01+00:00",{"id":63,"title":64,"slug":65,"brief":66,"ai_summary":67,"url":68,"image_url":69,"published_at":70},"b0f9510b-1846-472d-a1e1-948ec25b3ef6","Hackers earn $1,298,250 for 47 zero-days at Pwn2Own Berlin 2026","hackers-earn-1-298-250-for-47-zero-days-at-pwn2own-berlin-2026-89f8f0","Pwn2Own Berlin 2026 awards $1.3M for 47 zero-day exploits across enterprise and AI products.","Security researchers at Pwn2Own Berlin 2026 (May 14–16) collected $1,298,250 in rewards for discovering and exploiting 47 zero-day vulnerabilities in enterprise software, web browsers, and AI systems. DEVCORE won the competition with $505,000 after chaining multiple bugs in Microsoft SharePoint, Exchange, Edge, and Windows 11. 
Vendors have 90 days to patch before Trend Micro's Zero Day Initiative publicly discloses the flaws.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fhackers-earn-1-298-250-for-47-zero-days-at-pwn2own-berlin-2026\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2025\u002F05\u002F19\u002FPwn2Own_Berlin.jpg","2026-05-18T05:33:20+00:00",{"id":72,"title":73,"slug":74,"brief":75,"ai_summary":76,"url":77,"image_url":78,"published_at":79},"7a6c3f2f-8746-4464-be55-d924d7692ac2","Hackers Earn $1.3 Million at Pwn2Own Berlin 2026","hackers-earn-1-3-million-at-pwn2own-berlin-2026-7f023c","Pwn2Own Berlin 2026 awards $1.3M for 47 zero-day exploits across Windows, Linux, VMware, Nvidia, and AI products.","White hat hackers earned $1,298,250 at Pwn2Own Berlin 2026 by demonstrating 47 unique vulnerabilities in Microsoft Exchange, Edge, SharePoint, VMware ESX, and AI products including LiteLLM, OpenAI Codex, and LM Studio. Top teams Devcore and StarLabs SG captured nearly $750,000, with Devcore earning $200,000 for a Microsoft Exchange remote code execution exploit and StarLabs SG winning $200,000 for VMware ESX cross-tenant code execution. 
Eight exploit attempts failed, and some registered white hat hackers reportedly disclosed findings directly to vendors when all event slots filled.","https:\u002F\u002Fwww.securityweek.com\u002Fhackers-earn-1-3-million-at-pwn2own-berlin-2026\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F08\u002FPwn2Own-hackers-hacking-competition.jpeg","2026-05-18T04:05:21+00:00",{"id":81,"title":82,"slug":83,"brief":84,"ai_summary":85,"url":86,"image_url":87,"published_at":88},"d8face62-48ba-4006-a374-d7f2bd3ff423","Critical ‘Claw Chain’ Vulnerabilities Put Thousands of OpenClaw AI Servers at Risk","critical-claw-chain-vulnerabilities-put-thousands-of-openclaw-ai-servers-at-risk-078736","Four critical vulnerabilities in OpenClaw AI servers enable data theft, backdoors, and admin-level compromise.","Security researchers at Cyera discovered four chained vulnerabilities in OpenClaw, a popular autonomous AI agent platform, affecting thousands of internet-exposed servers. The Claw Chain vulnerabilities (CVE-2026-44112, CVE-2026-44113, CVE-2026-44115, CVE-2026-44118) allow attackers to evade sandbox protections, establish persistent backdoors, steal credentials and API keys, and escalate to admin access. 
OpenClaw released patches on April 23, 2026, but organizations must update immediately and rotate all credentials, as breaches may have already occurred.","https:\u002F\u002Fhackread.com\u002Fclaw-chain-vulnerabilities-openclaw-ai-servers-risk\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fclaw-chain-vulnerabilities-leave-thousands-of-openclaw-ai-agents-exposed-to-attacks.png","2026-05-16T09:16:10+00:00",{"id":90,"title":91,"slug":92,"brief":93,"ai_summary":94,"url":95,"image_url":96,"published_at":97},"88ca55de-c463-4c6d-99ba-a51486275b33","Four OpenClaw Flaws Enable Data Theft, Privilege Escalation, and Persistence","four-openclaw-flaws-enable-data-theft-privilege-escalation-and-persistence-ac72c4","Four chained OpenClaw vulnerabilities enable sandbox escape, data theft, and persistence attacks.","Researchers disclosed four critical vulnerabilities in OpenClaw (CVE-2026-44112, CVE-2026-44113, CVE-2026-44115, CVE-2026-44118) collectively called Claw Chain that can be chained to achieve data theft, privilege escalation, and persistence. The flaws include TOCTOU race conditions, incomplete input validation, and improper access control that allow attackers to bypass sandbox restrictions, expose credentials, and establish persistent backdoors. 
All vulnerabilities have been patched in OpenClaw version 2026.4.22.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Ffour-openclaw-flaws-enable-data-theft.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEgz_tK9S8jS_n5CK694-FLGjQP5_Mmpg7z9ZRiBayWsJLsuFRIm-8j1hTlhH90779FvnvhpiFKeGP9CzI5RCPsxQEnOzAIQsPzUsAJhUWtNm9iwf9C1W9DbDmqoQ_jjHhM7huYDV210OB9o1L9NPoJ0IL6R9Xc-V4JQ91Kn-b47_2ravRJ6-qlZOVrqsuAz\u002Fs1600\u002Fopenclaw.png","2026-05-15T13:35:04+00:00",{"id":99,"title":100,"slug":101,"brief":102,"ai_summary":103,"url":104,"image_url":105,"published_at":106},"86b15f03-c8b1-41e8-8a9e-735a4d701fed","White House cyber official: identity security matters more than ever in the age of AI","white-house-cyber-official-identity-security-matters-more-than-ever-in-the-age-o-2e99c9","White House cyber official: identity security remains critical defense against AI-powered attacks on federal networks.","A White House cybersecurity official stated that while AI tools present unique threats to federal IT systems, they still fundamentally require compromised credentials or trusted access to exploit vulnerabilities effectively. Federal agencies must prioritize identity security, monitoring, and regulating network access to defend against AI-powered attacks that can operate at scale and speed without stealth. 
Current gaps in identity security are being actively exploited by adversaries using AI, prompting urgent calls for improved detection and response capabilities.","https:\u002F\u002Fcyberscoop.com\u002Fwhite-house-federal-identity-security-ai-risks\u002F","https:\u002F\u002Fcyberscoop.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F3\u002F2026\u002F05\u002FNick-Polk-and-others.jpeg","2026-05-14T20:15:21+00:00",{"id":108,"title":109,"slug":110,"brief":111,"ai_summary":112,"url":113,"image_url":114,"published_at":115},"2f962a5b-8062-4751-b4e5-0cc462ca244a","Windows 11 and Microsoft Edge hacked at Pwn2Own Berlin 2026","windows-11-and-microsoft-edge-hacked-at-pwn2own-berlin-2026-0bc442","Pwn2Own Berlin 2026 day one: researchers exploit 24 zero-days in Windows 11, Edge, Linux, and AI tools for $523K.","At Pwn2Own Berlin 2026's first day, security researchers demonstrated 24 unique zero-day vulnerabilities across enterprise and AI technologies, earning $523,000 in cash awards. Highlights included Orange Tsai's $175,000 sandbox escape on Microsoft Edge via chained logic bugs, multiple Windows 11 privilege escalation exploits, and zero-days in AI\u002FML tools like LiteLLM, NVIDIA Megatron, OpenAI Codex, and Chroma. Vendors have 90 days to patch all disclosed flaws.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fwindows-11-and-microsoft-edge-hacked-on-first-day-of-pwn2own-berlin-2026\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2025\u002F05\u002F15\u002FPwn2Own_Berin.jpg","2026-05-14T18:53:50+00:00",{"id":117,"title":118,"slug":119,"brief":120,"ai_summary":121,"url":122,"image_url":123,"published_at":124},"1d3e8e4a-4f09-487b-b583-0eb40dcde08d","We detected 7 dynamic runtime impersonating malicious Chrome extensions. 
A remote kill-switch tar...","we-detected-7-dynamic-runtime-impersonating-malicious-chrome-extensions-a-remote-9440dd","7 malicious Chrome extensions impersonating crypto wallets detected with Unicode spoofing and remote kill-switch.","Security researchers discovered 7 dynamic runtime malicious Chrome extensions targeting cryptocurrency users through deceptive practices including Unicode BIDI spoofing, dual-identity tactics, and fake wallet drainers. The extensions impersonate legitimate wallets like Ledger, Braavos, and Solana, and feature a remote kill-switch mechanism. This campaign represents a sophisticated supply-chain attack leveraging browser extensions to compromise crypto asset security.","https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2054977112126165251","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIS-vQhWUAA_Fln.jpg","2026-05-14T17:28:17+00:00",{"id":126,"title":127,"slug":128,"brief":129,"ai_summary":130,"url":131,"image_url":132,"published_at":133},"1cf203e4-5c2b-4203-b768-19a8b6b3a35c","When configuration becomes a vulnerability: Exploitable misconfigurations in AI apps","when-configuration-becomes-a-vulnerability-exploitable-misconfigurations-in-ai-a-049340","Microsoft warns of exploitable misconfigurations in cloud-native AI apps on Kubernetes enabling RCE and data leaks.","Microsoft Security Blog reports that AI and agentic applications deployed on cloud-native platforms like Kubernetes frequently suffer from exploitable misconfigurations—exposed UIs combined with weak or missing authentication. These misconfigurations enable low-effort, high-impact attacks including remote code execution, credential theft, and access to sensitive data without requiring zero-days or sophisticated techniques. 
Microsoft Defender for Cloud signals show over half of cloud-native workload exploitations stem from such configuration issues, particularly in popular AI applications and platforms.","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F05\u002F14\u002Fconfiguration-becomes-vulnerability-exploitable-misconfigurations-ai-apps\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F03\u002FMS_Actional-Insights_Adversarial-AI.png","2026-05-14T14:20:55+00:00",{"id":135,"title":136,"slug":137,"brief":138,"ai_summary":139,"url":140,"image_url":141,"published_at":142},"8c021596-bdc0-4ddb-b399-65abcbc96387","PraisonAI CVE-2026-44338 Auth Bypass Targeted Within Hours of Disclosure","praisonai-cve-2026-44338-auth-bypass-targeted-within-hours-of-disclosure-d33a9e","PraisonAI CVE-2026-44338 auth bypass exploited within hours of disclosure","Threat actors began exploiting CVE-2026-44338, a missing authentication vulnerability in PraisonAI's legacy Flask API server, within 3 hours 44 minutes of public disclosure on May 11, 2026. The flaw (CVSS 7.3) allows unauthenticated access to sensitive endpoints including agent enumeration and workflow invocation. 
The vulnerability affects versions 2.5.6 through 4.6.33 and has been patched in version 4.6.34.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fpraisonai-cve-2026-44338-auth-bypass.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEg2IaSkdVZD_wyJJT-sODoazviDXhw3MGkn5XHYocnTL1YfLJpgJ-1wNaAm0Rk0phyrIv8vS73SNNkPSmlxRkK9ySAQGnn_tCP9JcVKyqee6lxjlYEp0cs2C_R9cDtgCEXwsjWtx1XnafF5r_fAuDDAvg0CRMOgJk8ZMwSjRsw1Js90uR-97t-rh5yU12Oj\u002Fs1600\u002Fpraison.jpg","2026-05-14T11:40:14+00:00",{"id":144,"title":145,"slug":146,"brief":147,"ai_summary":148,"url":149,"image_url":150,"published_at":151},"11eba9f7-511b-4c8d-b12d-fb7072a5a474","Hackers Targeted PraisonAI Vulnerability Hours After Disclosure","hackers-targeted-praisonai-vulnerability-hours-after-disclosure-51c3b5","Hackers probed PraisonAI authentication bypass CVE-2026-44338 within 3.75 hours of disclosure.","PraisonAI versions 2.5.6 to 4.6.33 contained an authentication bypass (CVE-2026-44338) due to disabled Flask API authentication by default, allowing unauthenticated access to agent workflows. Within 3 hours 44 minutes of public disclosure, a scanner identified as CVE-Detector\u002F1.0 began probing internet-exposed instances for the vulnerable endpoint. 
Sysdig assessed the activity as reconnaissance rather than active exploitation, but highlights the accelerated threat timeline enabled by AI-assisted tooling in the modern attack landscape.","https:\u002F\u002Fwww.securityweek.com\u002Fhackers-targeted-praisonai-vulnerability-hours-after-disclosure\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F08\u002FAI-assistant-chatbot-artificial-intelligence.jpg","2026-05-14T09:45:53+00:00",{"id":153,"title":154,"slug":155,"brief":156,"ai_summary":157,"url":158,"image_url":159,"published_at":160},"0cd6dfea-48a1-4923-9d8e-98e8ede4162d","New critical Exim mailer flaw allows remote code execution","new-critical-exim-mailer-flaw-allows-remote-code-execution-74ce92","Critical Exim mail server flaw CVE-2026-45185 allows unauthenticated remote code execution via TLS handling.","A critical use-after-free vulnerability (CVE-2026-45185) in Exim versions 4.97–4.99.2 compiled with GnuTLS allows unauthenticated remote attackers to execute arbitrary code by exploiting improper TLS buffer handling during BDAT chunked SMTP traffic. The flaw affects widely deployed mail servers on Linux and Unix systems, particularly in Debian and Ubuntu distributions. Exim 4.99.3 contains the fix.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fnew-critical-exim-mailer-flaw-allows-remote-code-execution\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F13\u002Fexim.jpg","2026-05-13T20:23:50+00:00",{"id":162,"title":163,"slug":164,"brief":165,"ai_summary":166,"url":167,"image_url":168,"published_at":169},"b8d41f26-57d9-43be-8d5a-2cdeacc53119","This is what a realistic AI-era attack chain looks like. 
Drawn from 11,000+ anonymized cloud envi...","this-is-what-a-realistic-ai-era-attack-chain-looks-like-drawn-from-11-000-anonym-426c97","Report reveals realistic AI-era attack chains exploit misconfiguration and hardcoded credentials, not novel techniques.","A 2026 report analyzing 11,000+ anonymized cloud environments reveals that practical AI-era attack chains don't rely on zero-days or novel exploits. Instead, attackers leverage common misconfigurations like exposed buckets and hardcoded API keys. The findings emphasize that foundational security hygiene remains the primary defense against cloud-based threats.","https:\u002F\u002Fx.com\u002FSentinelOne\u002Fstatus\u002F2054627747448971715","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIOAZlwXMAAc7uy.jpg","2026-05-13T18:20:02+00:00",{"id":171,"title":172,"slug":173,"brief":174,"ai_summary":175,"url":176,"image_url":177,"published_at":178},"7b9ceb53-fe7a-4568-b324-40c9c71eec36","Microsoft, Palo Alto Networks Find Many Vulnerabilities by Using AI on Their Own Code","microsoft-palo-alto-networks-find-many-vulnerabilities-by-using-ai-on-their-own--dd1873","Microsoft MDASH and Palo Alto's Claude Mythos AI find dozens of vulnerabilities in their own code.","Microsoft's MDASH AI system discovered 16 of the vulnerabilities patched in the latest Patch Tuesday, including four critical remote code execution flaws, while Palo Alto Networks used Claude Mythos to identify 75 vulnerabilities across 130+ products, publishing a record 26 advisories in a single day. 
Both companies demonstrated that frontier AI models can significantly accelerate vulnerability discovery, though industry experts remain divided on the long-term impact of AI-driven scanning on the threat landscape.","https:\u002F\u002Fwww.securityweek.com\u002Fmicrosoft-palo-alto-networks-find-many-vulnerabilities-by-using-ai-on-their-own-code\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2024\u002F06\u002FAI_Weight-Models.jpg","2026-05-13T16:01:00+00:00",{"id":180,"title":181,"slug":182,"brief":183,"ai_summary":184,"url":185,"image_url":186,"published_at":187},"2c4742a2-f3fc-44c2-9a8b-817818161ab6","‼️🇫🇷 Mistral AI allegedly breached: ~5GB of internal source code and ~450 private repositories...","mistral-ai-allegedly-breached-5gb-of-internal-source-code-and-450-private-reposi-fd2f11","Mistral AI allegedly breached; ~5GB source code and 450 private repos exposed by TeamPCP.","A threat group known as TeamPCP claims to have breached Mistral AI and obtained approximately 5GB of internal source code and ~450 private repositories. The stolen data is reportedly being sold on underground forums. 
This incident impacts the French AI company's intellectual property and could expose sensitive development practices and proprietary algorithms.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2054584505172668754","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHINZiTSWwAA8x-t.jpg","2026-05-13T15:28:13+00:00",{"id":189,"title":190,"slug":191,"brief":192,"ai_summary":193,"url":194,"image_url":195,"published_at":196},"d0285355-b272-42f8-b730-aa32bcf58d5a","Microsoft's MDASH AI System Finds 16 Windows Flaws Fixed in Patch Tuesday","microsoft-s-mdash-ai-system-finds-16-windows-flaws-fixed-in-patch-tuesday-417ed0","Microsoft's MDASH AI system discovered 16 Windows flaws, including 2 critical RCE vulnerabilities, fixed in May 2026","Microsoft announced MDASH (multi-model agentic scanning harness), an AI-driven vulnerability discovery system that uses over 100 specialized agents across multiple models to autonomously identify exploitable defects in complex codebases. The system has already discovered 16 vulnerabilities patched in May 2026, including CVE-2026-33824 and CVE-2026-33827, both critical remote code execution flaws in Windows networking and authentication components. 
MDASH represents a shift from research to production-grade AI vulnerability detection at enterprise scale.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fmicrosofts-mdash-ai-system-finds-16.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEg1Iq16GS3jdGiIU24GHBkwg6unk05ctdgYwXO5df8zRu1qko95_XhszCjq6jlEIRozLsrtZHgi5GqDZnS1Sw_KDzUzsagwP0If3VswmYHsnuYwVseU2lapxQiPpItTdAiv-CCdTFR87ZVOu65buyvmvzmdWuJPKHuPA4DSo58HQIMAV__2ymsmRe2g3UVe\u002Fs1600\u002Fwindows-ai.jpg","2026-05-13T13:46:02+00:00",{"id":198,"title":199,"slug":200,"brief":201,"ai_summary":202,"url":203,"image_url":204,"published_at":205},"9d979e96-64f6-4033-a0a0-3e39a2fa8066","73 Seconds to Breach, 24 Hours to Patch: The Case for Autonomous Validation","73-seconds-to-breach-24-hours-to-patch-the-case-for-autonomous-validation-f99a2a","Anthropic's Mythos AI model discovered 181 Firefox exploits in 14 days; CVE-to-exploit window now ~10 hours.","A Picus Security analysis highlights the acceleration of cyber threats in 2026: Anthropic's Mythos AI model identified 181 working Firefox exploits and thousands of zero-days (99% still unpatched) during a gated preview, while AWS documented a single operator using AI to compromise 2,516 FortiGate devices across 106 countries in minutes. 
The median time from CVE publication to working exploit has collapsed from 56 days (2024) to approximately 10 hours (2026), rendering traditional vulnerability management assumptions obsolete and underscoring the need for autonomous validation and faster response mechanisms.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002F73-seconds-to-breach-24-hours-to-patch-the-case-for-autonomous-validation\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fposts\u002F2026\u002F05\u002F06\u002Fpicus-header.jpg","2026-05-13T12:30:38+00:00",{"id":207,"title":208,"slug":209,"brief":210,"ai_summary":211,"url":212,"image_url":213,"published_at":214},"d8f6e60c-933e-469a-a74f-778d4ac4a257","Android Adds Intrusion Logging for Sophisticated Spyware Forensics","android-adds-intrusion-logging-for-sophisticated-spyware-forensics-0c6fb5","Google launches Intrusion Logging in Android 16 for forensic analysis of sophisticated spyware attacks.","Google has introduced Intrusion Logging, an opt-in feature in Android's Advanced Protection Mode developed with Amnesty International and Reporters Without Borders, to help high-risk users detect and analyze sophisticated spyware attacks. The feature logs device and network activities daily with end-to-end encryption and server-side storage for 12 months, ensuring that even Google and malware cannot access the data without the device owner's decryption keys. 
Users can download encrypted logs to share with security experts for forensic investigation, with logs automatically wiped after 12 months unless manually preserved.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fandroid-adds-intrusion-logging-for.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEiBNoTD0wrxHsoNUfZVLT2ImOUNC-2Md_wih6gTim-zbqkCzgGfXbtvlDgDMWeczo9RzINqu7qqk_3XK0KHSdbpLMPbR9xg_pLpjtoxugUt3B5-G9pL9wBCMI80Rx-Aw9eNxH-XXE2XpQHDtqaGDeXe3P4mGDvPgmDiqom8B2Xdfz7irCpOZVvhP9jsqudo\u002Fs1600\u002Fadnroid-Intrusion-Logging.jpg","2026-05-13T06:55:42+00:00",{"id":216,"title":217,"slug":218,"brief":219,"ai_summary":220,"url":221,"image_url":222,"published_at":223},"16f7eded-c4bd-44b3-b2b9-80c43eb5ce5a","Accelerating detection engineering using AI-assisted synthetic attack logs generation","accelerating-detection-engineering-using-ai-assisted-synthetic-attack-logs-gener-363b50","Microsoft explores AI-assisted synthetic attack log generation to accelerate detection engineering.","Microsoft Security researchers propose using AI to generate realistic synthetic security attack logs from attacker tactics, techniques, and procedures (TTPs) to accelerate detection engineering without exposing sensitive data. This approach aims to complement traditional lab-based simulations by enabling rapid testing of detection rules and anomaly detection at scale while preserving privacy and reducing operational overhead. 
The synthetic log generation workflow translates MITRE ATT&CK framework behaviors into structured telemetry for testing and validation.","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F05\u002F12\u002Faccelerating-detection-engineering-using-ai-assisted-synthetic-attack-logs-generation\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F04\u002FMS_Actional-Insights_Detection-hunting_social.png","2026-05-12T22:53:09+00:00",{"id":225,"title":226,"slug":227,"brief":228,"ai_summary":229,"url":230,"image_url":231,"published_at":232},"ae75ade9-7d24-45aa-9c89-5e1a5ecd8519","Defense at AI speed: Microsoft’s new multi-model agentic security system finds 16 new vulnerabilities","defense-at-ai-speed-microsoft-s-new-multi-model-agentic-security-system-finds-16-2677c0","Microsoft announces MDASH AI system that discovered 16 new Windows vulnerabilities including 4 critical RCE flaws.","Microsoft's Autonomous Code Security team unveiled MDASH, a multi-model agentic scanning system that orchestrates over 100 specialized AI agents to discover exploitable vulnerabilities. The system identified 16 new flaws in Windows networking and authentication components, including four Critical remote code execution vulnerabilities in the TCP\u002FIP stack and IKEv2 service. 
MDASH achieved 88.45% on the public CyberGym benchmark and demonstrated zero false positives in internal testing, marking a transition of AI vulnerability discovery from research into production-grade enterprise defense.","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F05\u002F12\u002Fdefense-at-ai-speed-microsofts-new-multi-model-agentic-security-system-finds-16-new-vulnerabilities\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002FMS_Actional-Insights_Lock-1.jpg","2026-05-12T22:00:00+00:00",{"id":234,"title":235,"slug":236,"brief":237,"ai_summary":238,"url":239,"image_url":7,"published_at":240},"959c3ab2-859d-4763-befc-ab47390a7f81","Patch Tuesday, May 2026 Edition","patch-tuesday-may-2026-edition-f42d90","May 2026 Patch Tuesday: Microsoft, Apple, Google, Mozilla, Oracle release record patch volumes driven by AI","Major software vendors including Microsoft, Apple, Google, Mozilla, and Oracle released unprecedented volumes of security patches in May 2026, driven by AI-powered vulnerability discovery via Anthropic's Project Glasswing. Microsoft addressed 118 vulnerabilities including 16 critical flaws, while Firefox resolved 271 vulnerabilities and Chrome patched 127 flaws. 
This marks a significant shift in patch cadence across the industry as AI tools prove effective at identifying security weaknesses in code.","https:\u002F\u002Fkrebsonsecurity.com\u002F2026\u002F05\u002Fpatch-tuesday-may-2026-edition\u002F","2026-05-12T21:46:45+00:00",{"id":242,"title":243,"slug":244,"brief":245,"ai_summary":246,"url":247,"image_url":248,"published_at":249},"02a330d4-a42e-4b3a-ad37-3a0b22598955","Microsoft addresses 137 vulnerabilities in May’s Patch Tuesday, including 13 rated critical","microsoft-addresses-137-vulnerabilities-in-may-s-patch-tuesday-including-13-rate-237839","Microsoft patches 137 vulnerabilities in May Patch Tuesday, including 13 critical flaws.","Microsoft released patches for 137 vulnerabilities in May's Patch Tuesday, with 13 assigned critical CVSS ratings and no actively exploited zero-days reported. Critical vulnerabilities include CVE-2026-33109 and CVE-2026-42823 in Azure, CVE-2026-42898 in Dynamics 365 (9.9 CVSS), CVE-2026-41096 in Windows DNS enabling unauthenticated RCE, and CVE-2026-41089 in Windows Netlogon. The high volume reflects a growing trend of AI models being deployed to discover previously unknown code defects.","https:\u002F\u002Fcyberscoop.com\u002Fmicrosoft-patch-tuesday-may-2026\u002F","https:\u002F\u002Fcyberscoop.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F3\u002F2024\u002F09\u002FGettyImages-1408775753.jpg","2026-05-12T21:00:37+00:00",{"id":251,"title":252,"slug":253,"brief":254,"ai_summary":255,"url":256,"image_url":257,"published_at":258},"4d7103ff-4fe3-4514-ba46-3e428ac493cb","Pwn2Own Berlin 2026 Hits Capacity as Rejected Hackers Release 0-Days","pwn2own-berlin-2026-hits-capacity-as-rejected-hackers-release-0-days-09b58a","Rejected Pwn2Own Berlin 2026 researchers publicly disclose zero-days for Firefox, NVIDIA, and AI platforms.","Pwn2Own Berlin 2026 reached capacity for the first time in 19 years, forcing organizers to close registration early on May 7. 
Dozens of rejected researchers responded by publicly disclosing zero-day exploits targeting Firefox, NVIDIA, Docker, Linux KVM, PyTorch, Oracle Autonomous AI Database, and AI coding tools like Claude Code and GitHub Copilot. This \"revenge disclosure\" wave threatens the contest's integrity and could render accepted competitors' exploits worthless if vendors patch vulnerabilities before the May 14 event.","https:\u002F\u002Fhackread.com\u002Fpwn2own-berlin-2026-hits-capacity-hackers-0-days\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fpwn2own-berlin-2026-hits-capacity-hackers-0-days.jpg","2026-05-12T16:41:26+00:00",{"id":260,"title":261,"slug":262,"brief":263,"ai_summary":264,"url":265,"image_url":266,"published_at":267},"36bb324f-c91c-45aa-8fa3-854e4ff4d399","Hugging Face Packages Weaponized With a Single File Tweak","hugging-face-packages-weaponized-with-a-single-file-tweak-9298b3","Hugging Face tokenizer files can be manipulated to hijack AI model outputs and exfiltrate data.","Researchers discovered that tokenizer files in Hugging Face AI models represent a critical supply-chain vulnerability. A single file modification allows attackers to hijack model outputs and exfiltrate sensitive data without modifying the core model weights. 
This attack vector affects the broader AI\u002FML ecosystem where pre-trained models are widely downloaded and integrated into applications.","https:\u002F\u002Fwww.darkreading.com\u002Fcloud-security\u002Fhugging-face-packages-weaponized-single-file-tweak","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fblte4a392e468c2fede\u002F6a02399dd02601ddfa8e5443\u002FHugging_Face_Sidney_Van_den_Boogaard_Alamy.jpg?width=1280&auto=webp&quality=80&disable=upscale","2026-05-12T14:00:00+00:00",{"id":269,"title":270,"slug":271,"brief":272,"ai_summary":273,"url":274,"image_url":275,"published_at":276},"6296c7b2-b501-4c44-8ce4-d0ca2b153c9a","OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation","openai-launches-daybreak-for-ai-powered-vulnerability-detection-and-patch-valida-db295b","OpenAI launches Daybreak, an AI-powered platform for vulnerability detection and patch validation.","OpenAI has unveiled Daybreak, a cybersecurity initiative combining frontier AI models with Codex Security to help organizations identify and remediate vulnerabilities before attackers exploit them. The platform leverages three GPT-5.5 variants (standard, Trusted Access for Cyber, and permissive red-team versions) to perform threat modeling, vulnerability testing, and patch validation. 
Major vendors including Akamai, Cisco, Cloudflare, CrowdStrike, Fortinet, Oracle, Palo Alto Networks, and Zscaler are already integrating Daybreak capabilities.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fopenai-launches-daybreak-for-ai-powered.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEjLWuBkkGzJLNmcxzqkKdh6dI6X-juFjpMWr-k6VGVTL6G1XZUH1sna06RS5PQY0e4A1VpUjvR-dpWMCx0yQJBdjFyjnoyOek-ysMpU7cgWBkUHChyADdRozT1XHNIvUhU_ibCkggQaGESD7St4aCfyx4SWOfLjUSuoeWiJQmmb1EkimfKA27g_tVHdV-G-\u002Fs1600\u002Fopenai-daybreak.jpg","2026-05-12T06:55:00+00:00",{"id":278,"title":279,"slug":280,"brief":281,"ai_summary":282,"url":283,"image_url":284,"published_at":285},"022acd20-75b2-4fa8-a1d7-0eb2f8c89a3a","‼️AIRDC advertised as AI-powered hidden remote desktop control tool for Windows targets\n\nA threat...","airdc-advertised-as-ai-powered-hidden-remote-desktop-control-tool-for-windows-ta-dabad7","AIRDC, an AI-powered hidden remote desktop control tool, advertised for sale by threat actors targeting Windows.","A threat actor is marketing AIRDC (AI Remote Desktop Control), a malicious tool designed to provide hidden remote access to Windows systems. The tool leverages an LLM to translate plain-English commands into precise actions, enabling autonomous control of compromised machines. 
This represents a new variant of RAT\u002FRDP tools enhanced with artificial intelligence capabilities for improved obfuscation and command execution.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2053960003782844698","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHIEhhDQWwAAfvxT.jpg","2026-05-11T22:06:40+00:00",{"id":287,"title":288,"slug":289,"brief":290,"ai_summary":291,"url":292,"image_url":293,"published_at":294},"331342b7-e9ba-4f38-825a-8e308933303b","Google Says Hackers Used AI to Develop a Zero-Day Exploit","google-says-hackers-used-ai-to-develop-a-zero-day-exploit-21c114","Google discovers hackers using AI to develop zero-day exploits, Android backdoors, and supply chain attacks.","Google Threat Intelligence Group researchers have identified the first confirmed evidence of threat actors using AI to develop zero-day exploits, autonomous Android backdoors, and automated supply chain attacks targeting GitHub and PyPI. The malicious code showed distinctive machine-generated signatures including excessive docstrings and hallucinated CVSS scores. 
Groups from China and North Korea, including APT45 and UNC2814, are leveraging AI tools to scan for vulnerabilities, conduct environmental fingerprinting, and execute multi-stage attacks, while also deploying deepfakes and voice cloning in information operations.","https:\u002F\u002Fhackread.com\u002Fgoogle-hackers-used-ai-develop-zero-day-exploit\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fgoogle-hackers-used-ai-develop-zero-day-exploit.jpg","2026-05-11T22:00:41+00:00",{"id":296,"title":297,"slug":298,"brief":299,"ai_summary":300,"url":301,"image_url":7,"published_at":302},"c136214d-6d38-48c0-97d9-64acc8a1f75f","Google's Threat Intelligence Group has documented what it describes as the first confirmed instan...","google-s-threat-intelligence-group-has-documented-what-it-describes-as-the-first-ee0fed","Google TIG documents first confirmed AI-engineered zero-day exploit by threat actors","Google's Threat Intelligence Group has identified the first confirmed case of threat actors using artificial intelligence to develop a zero-day exploit, representing a notable escalation in AI-weaponization for cyberattacks. 
This development marks a shift from theoretical concerns about AI-assisted vulnerability discovery to demonstrated real-world exploitation.","https:\u002F\u002Fx.com\u002FDarkWebInformer\u002Fstatus\u002F2053875023434367032","2026-05-11T16:28:59+00:00",{"id":304,"title":305,"slug":306,"brief":307,"ai_summary":308,"url":309,"image_url":310,"published_at":311},"39bc6529-96c4-459c-85e1-db94e50d225a","Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation","hackers-used-ai-to-develop-first-known-zero-day-2fa-bypass-for-mass-exploitation-5a38a1","Google discloses first known zero-day 2FA bypass likely developed using AI by unknown threat actors.","Google's Threat Intelligence Group identified an unknown threat actor exploiting a zero-day vulnerability in a web-based system administration tool, with analysis suggesting AI was weaponized to discover and develop the exploit. The vulnerability enables 2FA bypass on valid credentials and was disclosed responsibly to the affected vendor. 
The discovery marks the first confirmed use of AI in the wild for malicious vulnerability discovery and exploit generation.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fhackers-used-ai-to-develop-first-known.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEgF329-zAoI4gwIW3h3gRYiDJjcRSyWPM4DLHFQwNNGfLTVaROqIfQZ0QB1FwWGmvMGuyNAF9Q6QBYcwLsqMsCka5Lqu82CzUbrBULnUDQwtY_4z6KiOEKSETes6as77XfUCaJVBUOCovZz8jajp6vBp9AAjHiS7BEviANEH0FxmzZwdrTapD3R-gPQWKJ1\u002Fs1600\u002Fai-hacker.jpg","2026-05-11T15:45:00+00:00",{"id":313,"title":314,"slug":315,"brief":316,"ai_summary":317,"url":318,"image_url":319,"published_at":320},"dcd970d5-7ab6-4904-8b63-2afa666b11bb","Google Detects First AI-Generated Zero-Day Exploit","google-detects-first-ai-generated-zero-day-exploit-e7aa31","Google identifies first AI-generated zero-day exploit designed to bypass 2FA on web administration tool.","Google has identified a zero-day vulnerability believed to be the first developed using artificial intelligence, created by a prominent cybercrime group to bypass two-factor authentication on an open-source web-based system administration tool. The exploit was implemented as a Python script and distributed for mass exploitation. 
The report also details how Chinese state-sponsored group UNC2814 and North Korean APT45 are actively using AI tools and techniques, including jailbreaks and recursive prompt analysis, to enhance vulnerability discovery and validate exploit capabilities at scale.","https:\u002F\u002Fwww.securityweek.com\u002Fgoogle-detects-first-ai-generated-zero-day-exploit\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F10\u002FZero-Day-Exploit.jpg","2026-05-11T13:04:21+00:00",{"id":322,"title":323,"slug":324,"brief":325,"ai_summary":326,"url":327,"image_url":328,"published_at":329},"5618371e-7e13-41a0-be4f-0e123b592ba3","Google: Hackers used AI to develop zero-day exploit for web admin tool","google-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool-a403f0","Google reports hackers used AI to develop zero-day exploit for web admin tool.","Researchers at Google Threat Intelligence Group discovered a zero-day exploit targeting an unnamed open-source web administration tool that was likely generated using AI to bypass two-factor authentication. Analysis of the Python exploit code revealed characteristics typical of large language model output, including educational docstrings and a hallucinated CVSS score. 
The finding demonstrates that threat actors increasingly leverage AI for vulnerability discovery and exploitation, with additional evidence linking Chinese, North Korean, and Russian state-sponsored groups to AI-assisted attack development.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fgoogle-hackers-used-ai-to-develop-zero-day-exploit-for-web-admin-tool\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F11\u002Fai.jpg","2026-05-11T13:02:30+00:00",{"id":331,"title":332,"slug":333,"brief":334,"ai_summary":335,"url":336,"image_url":337,"published_at":338},"8c9ba7cb-b398-4de3-9fc9-1952eb8a16c6","Google spotted an AI-developed zero-day before attackers could use it","google-spotted-an-ai-developed-zero-day-before-attackers-could-use-it-b550a6","Google detects AI-developed zero-day exploit before cybercrime group mass-exploitation campaign.","Google Threat Intelligence Group discovered a zero-day vulnerability that was developed using artificial intelligence and alerted the affected vendor before a prominent cybercrime group could launch a mass-exploitation campaign. Researchers found telltale artifacts in the exploit code—including Python documentation strings, excessive annotations, and a hallucinated CVSS score—that proved AI was heavily involved in its creation. 
This marks the first confirmed instance Google has observed of attackers using AI to develop zero-day exploits, though researchers believe this is likely just the beginning of a broader trend.","https:\u002F\u002Fcyberscoop.com\u002Fgoogle-threat-intelligence-group-ai-developed-zero-day-exploit\u002F","https:\u002F\u002Fcyberscoop.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F3\u002F2026\u002F05\u002FGettyImages-2152310845.jpg","2026-05-11T13:00:00+00:00",{"id":340,"title":341,"slug":342,"brief":343,"ai_summary":344,"url":345,"image_url":346,"published_at":347},"9c273dab-9c8e-4fcd-ad38-4dec8fedd4e2","Hackers Exploit Vercel GenAI to Mass-Produce Convincing Phishing Sites","hackers-exploit-vercel-genai-to-mass-produce-convincing-phishing-sites-9e0dac","Hackers abuse Vercel GenAI to mass-produce convincing phishing sites mimicking Microsoft, Adidas, Nike.","Cybersecurity researchers at Cofense have discovered hackers exploiting Vercel's v0.dev generative UI platform to create high-quality phishing websites that mimic major brands like Microsoft, Adidas, Nike, and Spotify. By leveraging GenAI, even minimally skilled attackers can now rapidly produce convincing fake login pages and integrate them with Telegram bots for real-time credential theft, making detection significantly harder. 
The low barrier to entry (free\u002Fcheap Vercel accounts) and ease of regenerating sites after takedown represent a new threat vector that traditional security detection methods struggle to identify.","https:\u002F\u002Fhackread.com\u002Fhackers-exploit-vercel-genai-phishing-sites\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fhackers-exploit-vercel-genai-phishing-sites.png","2026-05-11T10:34:38+00:00",{"id":349,"title":350,"slug":351,"brief":352,"ai_summary":353,"url":354,"image_url":355,"published_at":356},"94b2714b-9d1a-4183-a2eb-1dd420b40922","Hackers abuse Google ads, Claude.ai chats to push Mac malware","hackers-abuse-google-ads-claude-ai-chats-to-push-mac-malware-b72e55","Attackers abuse Google Ads and Claude.ai shared chats to distribute macOS malware via social engineering.","Threat actors are running an active malvertising campaign targeting macOS users searching for Claude AI downloads. By abusing Google Ads and Anthropic's legitimate Claude.ai shared chat feature, attackers trick users into running terminal commands that install credential-stealing malware. 
The campaign uses polymorphic payload delivery and victim profiling to evade detection and selectively target non-Russian users.","https:\u002F\u002Fwww.bleepingcomputer.com\u002Fnews\u002Fsecurity\u002Fhackers-abuse-google-ads-claudeai-chats-to-push-mac-malware\u002F","https:\u002F\u002Fwww.bleepstatic.com\u002Fcontent\u002Fhl-images\u002F2026\u002F05\u002F07\u002FClaude_AI.png","2026-05-10T17:52:15+00:00",{"id":358,"title":359,"slug":360,"brief":361,"ai_summary":362,"url":363,"image_url":364,"published_at":365},"d274d683-cd7d-40cb-b33d-18135559cc9a","Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak","ollama-out-of-bounds-read-vulnerability-allows-remote-process-memory-leak-c84897","Critical out-of-bounds read in Ollama allows remote memory leak affecting 300K+ servers.","A critical out-of-bounds read vulnerability (CVE-2026-7482, CVSS 9.1) in Ollama's GGUF model loader allows unauthenticated remote attackers to leak entire process memory by uploading a specially crafted model file. The flaw, codenamed \"Bleeding Llama,\" affects versions before 0.17.1 and impacts an estimated 300,000+ servers globally, potentially exposing API keys, environment variables, system prompts, and user conversation data. 
Additionally, two unpatched Windows update mechanism vulnerabilities in Ollama can be chained for persistent code execution.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Follama-out-of-bounds-read-vulnerability.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEj92eUjjTTMJPizvUJGwq7Ych7nrXHwGRNt3hS9yjNGRJk5d3pdIKjeZhQDVuFp0DnKjP4qoieGWFjswm7nHDLBaxWC3DxFIfLfRjMSEXd0Ta04vcTrbCpS9PEXebUUbMBxBt0VOb-PKVk-7Cq0FjuMXl4VtKneb5a3ujCo872goPN22GBFFhReJtWsQJLK\u002Fs1600\u002Foll.jpg","2026-05-10T12:41:00+00:00",{"id":367,"title":368,"slug":369,"brief":370,"ai_summary":371,"url":372,"image_url":373,"published_at":374},"c41eb32c-333d-408e-8d45-5708466540df","ClaudeBleed Vulnerability Lets Hackers Hijack Claude Chrome Extension to Steal Data","claudebleed-vulnerability-lets-hackers-hijack-claude-chrome-extension-to-steal-d-2767ad","ClaudeBleed vulnerability in Claude Chrome extension allows data exfiltration via guardrail bypass.","Security researchers at LayerX discovered ClaudeBleed, a critical vulnerability in Anthropic's Claude for Chrome extension that allows attackers to hijack the AI assistant and steal private Google Drive and Gmail data. The flaw stems from improper message source validation and trust boundary violations, enabling even unprivileged extensions to execute malicious commands. 
Anthropic's May 6 patch remains incomplete, as researchers demonstrated additional bypass techniques including forcing privileged mode activation without user consent.","https:\u002F\u002Fhackread.com\u002Fclaudebleed-vulnerability-hackers-claude-chrome-extension\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Fclaudebleed-vulnerability-hackers-claude-chrome-extension.jpg","2026-05-08T13:36:18+00:00",{"id":376,"title":377,"slug":378,"brief":379,"ai_summary":380,"url":381,"image_url":382,"published_at":383},"cc446245-03b8-4f28-822e-c007be808b24","Flaw in Claude’s Chrome extension allowed ‘any’ other plugin to hijack victims’ AI","flaw-in-claude-s-chrome-extension-allowed-any-other-plugin-to-hijack-victims-ai-72fb6b","Chrome extension flaw in Anthropic's Claude allows malicious plugins to hijack AI agent without permissions.","Researchers at LayerX discovered a privilege escalation vulnerability in Claude's Chrome extension that allows any other plugin to inject hidden instructions and take control of the AI agent, bypassing safety guardrails. The flaw stems from missing authentication checks when the extension communicates with Claude's LLM, enabling attackers to perform unauthorized actions like stealing files from Google Drive, accessing emails, and exfiltrating source code. 
Anthropic issued a partial fix on May 6 that added approval flows, but LayerX claims the vulnerability persists in certain scenarios.","https:\u002F\u002Fcyberscoop.com\u002Fclaude-chrome-extension-allows-plugins-to-hijack-ai\u002F","https:\u002F\u002Fcyberscoop.com\u002Fwp-content\u002Fuploads\u002Fsites\u002F3\u002F2026\u002F02\u002Fclaude-code-security.jpeg","2026-05-08T13:06:32+00:00",{"id":385,"title":386,"slug":387,"brief":388,"ai_summary":389,"url":390,"image_url":391,"published_at":392},"74686cf8-e43a-40b5-8238-f6b4298f906d","AI Firm Braintrust Prompts API Key Rotation After Data Breach","ai-firm-braintrust-prompts-api-key-rotation-after-data-breach-08af90","Braintrust AI platform suffers AWS account breach exposing customer API keys.","Braintrust, an AI evaluation and observability platform, disclosed a data breach on May 5 after hackers accessed an internal AWS account on May 4. The breach exposed API keys for major AI provider integrations (OpenAI, Anthropic, etc.) that customers had stored in Braintrust's systems. 
The company has advised all customers to rotate their stored AI provider secrets and confirmed at least one customer was directly affected, with three others reporting suspicious usage spikes.","https:\u002F\u002Fwww.securityweek.com\u002Fai-firm-braintrust-prompts-api-key-rotation-after-data-breach\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2023\u002F11\u002FAI_Risks.jpg","2026-05-08T11:14:01+00:00",{"id":394,"title":395,"slug":396,"brief":397,"ai_summary":398,"url":399,"image_url":400,"published_at":401},"ad372f07-42d3-4f71-80a3-777b4743bf11","One Missed Threat Per Week: What 25M Alerts Reveal About Low-Severity Risk","one-missed-threat-per-week-what-25m-alerts-reveal-about-low-severity-risk-e4d796","Analysis of 25M security alerts reveals 1% of confirmed incidents came from low-severity alerts, with one missed threat","A comprehensive report analyzing 25 million security alerts across enterprise environments found that nearly 1% of confirmed incidents originated from alerts initially classified as low-severity or informational—roughly one missed breach per week at average organizational scale. The research also revealed critical gaps: 51% of confirmed endpoint compromises had already been marked as \"mitigated\" by EDR vendors, and attackers increasingly use trusted infrastructure (Vercel, OneDrive, PayPal) for phishing campaigns that bypass traditional email security architectures. 
The findings expose how constrained, severity-based SOC operations systematically enable threat actors to exploit predictable detection gaps.","https:\u002F\u002Fthehackernews.com\u002F2026\u002F05\u002Fone-missed-threat-per-week-what-25m.html","https:\u002F\u002Fblogger.googleusercontent.com\u002Fimg\u002Fb\u002FR29vZ2xl\u002FAVvXsEjUaPw5V89Ez9z5x8eFLFOhwPphGqXDQVGfd2sI-pX9Q1XTcpYlWEhFiZ6o12fzAyvtCFDQ0zs4AFlHl4HJNnjWH8hUXM9r_-oBl7YMEnU1F41Ho7DL23NJbgG4M3eoqF6CTZWqFtFcw0gOB8QfkCPW1_xQ-HwmvWr3GMzEeRFbC8SLgG5LsdnopTAHDOs\u002Fs1600\u002Fai-soc.jpg","2026-05-08T10:30:00+00:00",{"id":403,"title":404,"slug":405,"brief":406,"ai_summary":407,"url":408,"image_url":409,"published_at":410},"780c4736-e0ba-487b-bcc6-927d2b3e3dc4","Vulnerability in Claude Extension for Chrome Exposes AI Agent to Takeover","vulnerability-in-claude-extension-for-chrome-exposes-ai-agent-to-takeover-78ba37","ClaudeBleed vulnerability in Claude Chrome extension allows attackers to hijack AI agent via prompt injection.","LayerX discovered ClaudeBleed, a vulnerability in Anthropic's Claude Chrome extension that allows attackers to take over the AI agent through lax permissions and improper trust implementation. By creating a malicious extension, attackers can inject prompts, bypass user confirmations via DOM manipulation, and exfiltrate data from Gmail, GitHub, and Google Drive. 
Anthropic's partial patch only addressed the issue in standard mode, leaving privileged mode exploitable without user notification.","https:\u002F\u002Fwww.securityweek.com\u002Fvulnerability-in-claude-extension-for-chrome-exposes-ai-agent-to-takeover\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2024\u002F06\u002FChrome.jpeg","2026-05-08T06:53:36+00:00",{"id":412,"title":413,"slug":414,"brief":415,"ai_summary":416,"url":417,"image_url":418,"published_at":419},"ced4ea5b-fbb8-4168-b110-a7d69bc1b883","Hackers Use Fake Claude AI Site to Infect Users With New Beagle Malware","hackers-use-fake-claude-ai-site-to-infect-users-with-new-beagle-malware-3a8dcb","Hackers use fake Claude AI site to distribute new Beagle backdoor malware via malvertising.","Researchers discovered a malvertising campaign using a counterfeit Claude AI website (claude-pro.com) to distribute a previously unknown backdoor named Beagle. The attack leverages DLL sideloading of a legitimate G DATA antivirus file to execute malicious payloads, with command-and-control infrastructure hosted on Alibaba Cloud. 
Evidence suggests the threat actor has been active for months using similar techniques across multiple campaigns.","https:\u002F\u002Fhackread.com\u002Fhackers-fake-claude-ai-site-infect-beagle-malware\u002F","https:\u002F\u002Fhackread.com\u002Fwp-content\u002Fuploads\u002F2026\u002F05\u002Ffake-claude-ai-site-spreads-new-beagle-backdoor.jpg","2026-05-07T21:34:18+00:00",{"id":421,"title":422,"slug":423,"brief":424,"ai_summary":425,"url":426,"image_url":427,"published_at":428},"dca4a3f3-cdf4-4d0f-a9d9-7b81ea7e0ef6","When prompts become shells: RCE vulnerabilities in AI agent frameworks","when-prompts-become-shells-rce-vulnerabilities-in-ai-agent-frameworks-1f0439","Microsoft discloses RCE vulnerabilities in Semantic Kernel AI agent framework via prompt injection.","Microsoft Security researchers discovered two critical vulnerabilities (CVE-2026-25592 and CVE-2026-26030) in Semantic Kernel, an open-source AI agent framework, that could allow attackers to achieve remote code execution through prompt injection attacks. By leveraging the framework's tool-binding mechanisms, attackers can turn prompt injections into host-level RCE, enabling unauthorized execution of system commands. 
The vulnerabilities underscore systemic risks in popular AI frameworks used to build production agents with active network access.","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002F2026\u002F05\u002F07\u002Fprompts-become-shells-rce-vulnerabilities-ai-agent-frameworks\u002F","https:\u002F\u002Fwww.microsoft.com\u002Fen-us\u002Fsecurity\u002Fblog\u002Fwp-content\u002Fuploads\u002F2026\u002F03\u002FMS_Actional-Insights_AI-agents.jpg","2026-05-07T20:22:39+00:00",{"id":430,"title":431,"slug":432,"brief":433,"ai_summary":434,"url":435,"image_url":436,"published_at":437},"15649106-4e9c-4ef5-afeb-cbeeb5e192e5","Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking","claude-code-oauth-tokens-can-be-stolen-through-stealthy-mcp-hijacking-eb2ef5","Mitiga researchers disclose OAuth token theft vulnerability in Claude Code via MCP hijacking.","Mitiga Labs identified a stealthy man-in-the-middle attack against Claude Code that allows attackers to intercept and steal OAuth tokens by hijacking MCP (Model Context Protocol) traffic through malicious npm lifecycle hooks. The attack persists invisibly, automatically recovers from token rotation, and grants attackers full access to connected SaaS platforms. Anthropic dismissed the disclosure as \"out of scope\" on April 12, 2026, citing user consent.","https:\u002F\u002Fwww.securityweek.com\u002Fclaude-code-oauth-tokens-can-be-stolen-through-stealthy-mcp-hijacking\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F11\u002FClaude-AI.jpeg","2026-05-07T14:33:06+00:00",{"id":439,"title":440,"slug":441,"brief":442,"ai_summary":443,"url":444,"image_url":445,"published_at":446},"b595f4f9-0791-44f0-9bbe-520c33cbfca1","Threat actors leverage LLMs to accelerate development of malicious browser extensions. 
These exte...","threat-actors-leverage-llms-to-accelerate-development-of-malicious-browser-exten-6bdfb6","Threat actors use LLMs to develop malicious browser extensions disguised as AI tools.","Threat actors are leveraging large language models to accelerate the development of malicious browser extensions that masquerade as legitimate AI tools. These extensions exploit browser privileges to steal sensitive user data. This represents an emerging threat vector combining AI-assisted development with social engineering and privilege abuse.","https:\u002F\u002Fx.com\u002FUnit42_Intel\u002Fstatus\u002F2052388085883658394","https:\u002F\u002Fpbs.twimg.com\u002Fmedia\u002FHHuMEjXWcAI96Ko.jpg","2026-05-07T14:00:25+00:00",{"id":448,"title":449,"slug":450,"brief":451,"ai_summary":452,"url":453,"image_url":454,"published_at":455},"5d960790-5c8b-41e4-96aa-3f4bb00839b0","AI Coding Agents Could Fuel Next Supply Chain Crisis","ai-coding-agents-could-fuel-next-supply-chain-crisis-031f1c","AI coding agents (Claude Code, Gemini CLI, Copilot CLI) vulnerable to malicious repo injection enabling supply chain","Researchers at Adversa.AI discovered a critical vulnerability affecting multiple AI coding agents that allows attackers to inject malicious code through GitHub repositories. When developers use these tools on untrusted repos, a single keystroke on a default-trusted folder prompt can execute arbitrary code with full developer privileges, potentially compromising CI\u002FCD pipelines and enabling widespread supply chain attacks. 
The flaw affects Claude Code, Gemini CLI, GitHub Copilot CLI, and Cursor CLI—a convention across agentic coding CLIs rather than an isolated issue.","https:\u002F\u002Fwww.securityweek.com\u002Fai-coding-agents-could-fuel-next-supply-chain-crisis\u002F","https:\u002F\u002Fwww.securityweek.com\u002Fwp-content\u002Fuploads\u002F2025\u002F12\u002FCode-3rd-Party-Risk.jpg","2026-05-07T13:00:00+00:00",[],[],[459],{"id":460,"title":461,"body":462,"tags":463,"author_name":467,"updated_at":468,"created_at":469},"95fa2e67-7bcd-4c70-b063-80d78dc74624","Use MITRE ATLAS to threat model your AI systems","If your organization is deploying LLMs, ML pipelines, or agentic AI, you need a threat model built for AI. MITRE ATLAS is the ATT&CK equivalent for AI systems.\n\n**What it covers:**\n- 16 tactics mapping the full AI attack lifecycle\n- 85+ techniques specific to AI\u002FML systems\n- 57 real-world case studies\n\n**Two tactics are unique to ATLAS (not in ATT&CK):**\n- **AI Model Access**: how attackers reach your model (API probing, direct inference, physical access)\n- **AI Attack Staging**: preparation for AI-specific attacks (crafting adversarial inputs, poisoning training data)\n\n**Key techniques to know:**\n- Data Poisoning: injecting malicious data into training sets\n- Prompt Injection: biasing LLMs to produce harmful outputs\n- Model Inversion: extracting training data from a model\n- AI Supply Chain Compromise: tampering with models or datasets before deployment\n- LLM Jailbreaking: bypassing safety guardrails\n\n**Practical steps:**\n1. Map your AI assets against ATLAS tactics\n2. Identify which techniques apply to your deployment model (API, on-prem, fine-tuned)\n3. Run AI-focused tabletop exercises using ATLAS case studies\n4. Integrate ATLAS into existing threat modeling alongside ATT&CK\n\nOnly about 50 techniques have been observed in the wild so far. The attack surface is growing faster than the threats. 
Get ahead of it.\n\nStart here: [atlas.mitre.org](https:\u002F\u002Fatlas.mitre.org\u002F)",[5,464,465,466],"threat-modeling","mitre","frameworks","Marcus Lenngren","2026-04-04T15:35:46.190096+00:00","2026-04-04T07:57:05.189442+00:00",[],51]