
GitLost: How Prompt Injection Leaks Private GitHub Data
GitHub's AI agents can be manipulated through public issues to leak private repository data, highlighting a major security flaw in agentic workflows.
Automated and manual discovery of software vulnerabilities, exploit development, and security testing against real-world targets.

GitHub's AI agents can be manipulated through public issues to leak private repository data, highlighting a major security flaw in agentic workflows.

Open-weight model GLM 5.2 surpassed frontier models in IDOR detection benchmarks, signaling a shift toward cost-effective and private AI for security tasks.

Exploitarium is a consolidated open-disclosure archive of vulnerability research and exploit PoCs designed for educational purposes and community reporting.

Claude Mythos accelerates the threat of automated cyberattacks, making the adoption of Zero Trust and AI-assisted defense an urgent necessity rather than an option.
A benchmark of public AI models reveals that Anthropic's Mythos is uniquely skilled at finding elusive security bugs, though cheap Chinese models are rapidly closing the gap.

A US government ban on Anthropic's advanced AI models is being criticized by experts as a misguided reaction to standard defensive coding prompts.

SkillSpector is an automated security tool that scans AI agent skills for vulnerabilities and malicious intent using static and semantic analysis.

An open-source reference implementation for building autonomous, LLM-powered vulnerability detection and remediation pipelines.

An evaluation of various LLMs found that GPT-5.5 is highly effective at exploiting Broken Access Control vulnerabilities, though safety filters and high costs remain significant barriers for other models.
A flaw in VSCode's keyboard event handling allows malicious repositories to steal GitHub tokens on github.dev by automatically installing rogue extensions.

Anthropic is scaling its AI-driven cybersecurity initiative, Project Glasswing, to help critical infrastructure providers and open-source maintainers detect and patch vulnerabilities before AI-powered attacks become widespread.

Project Glasswing demonstrates that AI can find software vulnerabilities at an unprecedented scale, shifting the security focus from discovery to the urgent need for faster patching.

Cloudflare’s research with Mythos Preview demonstrates that while AI can autonomously chain exploits, effective defense requires specialized multi-agent harnesses and a focus on architectural security.
Due to new Linux kernel vulnerabilities, users should avoid installing new software for a week to prevent supply chain attacks.

Wiz Research used AI-augmented tools to find a critical RCE vulnerability in GitHub's internal protocol that could compromise millions of repositories via a simple git push.

AISLE used autonomous AI analysis to discover and help patch 38 vulnerabilities in OpenEMR, establishing a new standard for proactive healthcare software security.

GPT-5.5 delivers a revolutionary increase in vulnerability detection and hacking efficiency, outperforming previous models and setting a new bar for AI in cybersecurity.
AI cybersecurity is a contest of model intelligence and reasoning, not a brute-force competition of computational resources.

OpenAI's Codex successfully discovered and exploited a kernel memory vulnerability to gain root access on a Samsung Smart TV.

Ransomware activity is currently outpacing global security spending growth by a factor of three to one.

A malicious actor weaponized a portfolio of 30+ acquired WordPress plugins to conduct a massive, blockchain-coordinated supply chain attack.
Current AI agent benchmarks are easily gamed through infrastructure exploits, necessitating a new standard of adversarial robustness and environment isolation to accurately measure model capabilities.

AI cybersecurity is a 'jagged frontier' where small models often match frontier performance, proving that the orchestration system is the true competitive moat.

Anthropic is restricting its powerful new Claude Mythos model to a select group of security partners to prevent a potential wave of AI-driven cyberattacks while patching critical software vulnerabilities.

Project Glasswing is a collaborative effort to use Anthropic's highly capable Claude Mythos model for defensive cybersecurity to protect critical global infrastructure from AI-augmented threats.

Anthropic researcher Nicholas Carlini used Claude Code to uncover a 23-year-old Linux kernel vulnerability, signaling a new era of AI-driven security research.
OpenClaw version 2026.3.28 fixes a critical authorization flaw that allowed users to escalate their privileges to admin via the device pairing process.
A massive influx of valid security reports is ending the era of secret embargoes and forcing a shift toward continuous software maintenance.

Snowflake Cortex Code CLI was vulnerable to a sandbox escape and human-in-the-loop bypass that allowed unauthorized malware execution via indirect prompt injection.
A security database that evaluates and ranks the instructional risks and permission levels of AI agent skills to prevent exploitation.

An autonomous AI agent hacked McKinsey’s internal AI platform in two hours, exposing millions of confidential records and highlighting the urgent need to secure the prompt layer.

Claude Opus 4.6's discovery of 22 Firefox vulnerabilities highlights a powerful, yet potentially temporary, AI-driven advantage for software defenders.

Exploit development is becoming a token-limited, scalable process with LLMs, so we must prepare and demand real-target, high-budget evaluations.

Notion AI saves edits before consent, enabling prompt-injected external image loads that exfiltrate user data regardless of user approval.

An exposed Mintlify static endpoint let malicious SVGs run on customer primary domains, creating a widespread supply-chain XSS affecting Discord, X, and many others.

OpenAI’s GPT-5.2-Codex pushes agentic coding and defensive cyber forward while rolling out with stricter safeguards and gated access.

Update your RSC stack now: fixed react-server-dom versions patch a DoS and source code leak that affect many frameworks, though no new RCE is possible.

Critical RCE in React Server Components affects Next.js App Router; upgrade to the listed patched versions now.

AI agents have enabled near-autonomous, state-linked cyber espionage at scale, forcing a rapid shift toward AI-powered cyber defense and stronger safeguards.