All AI security intelligence reports, filtered and scored by relevance, mapped to MITRE ATLAS and OWASP LLM Top 10.
Bruce Schneier analyses Anthropic's Claude Mythos Preview and Project Glasswing, a controlled deployment programme aimed at finding and patching software vulnerabilities before the model is publicly …
Artemis, a cybersecurity startup focused on AI-powered threat defence, has emerged from stealth with $70 million in funding, positioning itself to counter AI-driven attacks across applications, users, …
A North Korean threat group (UNC1069) compromised the popular npm Axios library via a supply chain attack, injecting a backdoor (WAVESHAPER.V2) into two poisoned versions that were inadvertently …
The article argues that AI's primary security risk lies not in introducing entirely new vulnerability classes, but in dramatically amplifying the impact and exploitability of well-established ones. …
A chained vulnerability in Cursor AI—a widely-used AI-powered code editor—allowed attackers to combine indirect prompt injection with a sandbox escape and the application's built-in remote tunnel …
A researcher has disclosed a novel prompt injection attack technique dubbed 'Comment and Control,' demonstrating that popular AI coding agents — including Claude Code, Gemini CLI, and GitHub Copilot …
OpenAI has expanded access to GPT-5.4-Cyber, a fine-tuned model designed for defensive cybersecurity applications, following Anthropic's reveal of its Mythos cybersecurity model. While framed as a …
Research published via Schneier on Security reveals that humans systematically over-trust LLMs in strategic game environments, defaulting to Nash-equilibrium rational play based on assumptions of LLM …
CrowdStrike has announced a partnership with OpenAI's Threat Actor Collaboration (TAC) programme, positioning frontier AI models as defensive tools within the cybersecurity operations space. The …
The article examines the architectural tension between fully agentic AI systems and deterministic validation frameworks in security testing contexts, arguing that unconstrained AI autonomy introduces …
A structural vulnerability in Anthropic's Model Context Protocol (MCP) allows unsanitized commands to be executed silently within AI environments, potentially enabling full system compromise. …
Capsule Security, an Israeli startup, has emerged from stealth with $7 million in seed funding focused on runtime security for AI agents, continuously monitoring their behaviour to detect and prevent …
Gas Town, a developer tool with 14.2k GitHub stars, allegedly ships configuration files that autonomously consume users' LLM API credits and GitHub account permissions to perform work on the …
Prompt injection vulnerabilities in Salesforce Agentforce and Microsoft Copilot were patched after researchers demonstrated that external attackers could exploit them to exfiltrate sensitive user …
A packaging error exposed 512,000 lines of Claude Code's source, revealing severe code quality issues including a 3,167-line monolithic function, undocumented API waste, and regex-based sentiment …