LIVE FEED
FIRST LOOK Yellow Teams Bring AI Offense and Defense Into One Security Function // FIRST LOOK Tracebit Ships AWS Context Bombing Defence Against AI Hacking Agents // FIRST LOOK FriendMachine Launches Jacquard Lang for AI-Written Code Review // CRITICAL Check Point 2026 AI Security Report: LLMs Now Run Live Attacks // FIRST LOOK OpenAI GPT-5.6 Sol Ships Faster Parallel Tool-Use for Agents // FIRST LOOK Meta Launches Muse Image with Public Instagram Photo Reuse // FIRST LOOK Estonia Launches State-Issued Digital IDs for AI Agents // HIGH AI Widens Skill-Ability Gap, Enabling Autonomous Cyberattacks // FIRST LOOK OpenAI Expands ChatGPT Into Family and Caregiver Households // FIRST LOOK Iroh Launches Mesh LLM for Distributed AI Across Peer Nodes //
Check Point 2026 AI Security Report: LLMs Now Run Live Attacks

Check Point 2026 AI Security Report: LLMs Now Run Live Attacks

ATLAS OWASP CRITICAL Active exploitation · Immediate action required ▲ 9.2 Check Point Research

Check Point Research's 2026 AI Security Report documents a fundamental shift in the threat landscape: AI has moved from a development accelerator to an active operator within live intrusions, with nation-state and criminal actors alike deploying LLMs to conduct hands-on attack operations. The report highlights the maturation of AI-enabled criminal tooling markets, the rise of indirect prompt injection as an operationally relevant attack vector, and persistent enterprise data leakage through unsanctioned AI application use. Agentic architectures are being specifically exploited through planted configuration files that persist malicious instructions across sessions, representing a durable and largely invisible bypass technique.

Stash AI Memory Poisoning Exposes Agent Data Leakage

Stash AI Memory Poisoning Exposes Agent Data Leakage

ATLAS OWASP MEDIUM Moderate risk · Monitor closely ▲ 6.5 HN AI Security

Stash is an open-source persistent memory layer for AI agents using PostgreSQL and pgvector, exposing a broad MCP tool surface (28 tools) that introduces significant attack vectors including memory poisoning, sensitive data leakage, and cross-namespace contamination. While marketed as a productivity enhancement, the architecture centralises long-term agent memory in a shared backend, creating a high-value target for adversarial manipulation. Security teams deploying autonomous agents should treat persistent memory stores as critical infrastructure requiring strict access controls and integrity validation.

0x4F0x3A0xFF0x0D0x7B0xC20xA10x550x0D0x7B0xC20xA10x550xE80x120x9F0xA10x550xE80x120x9F0xD40x2E0x880x120x9F0xD40x2E0x880x610xB30x4F0x2E0x880x610xB30x4F0x3A0xFF0x0D0xB30x4F0x3A0xFF0x0D0x7B0xC20xA10xFF0x0D0x7B0xC20xA10x550xE80x12LLM SECURITYDark ReadingHIGHPrompt Injection Flaws in Salesforce and AIMicrosoft

Prompt Injection Flaws in Salesforce and Microsoft AI

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.2 Dark Reading

Prompt injection vulnerabilities in Salesforce Agentforce and Microsoft Copilot were patched after researchers demonstrated that external attackers could exploit them to exfiltrate sensitive user data. The flaws highlight systemic risks in enterprise AI agent deployments, where insufficient input sanitisation allows malicious content to hijack agent behaviour. Both vendors have issued patches, but the incidents underscore the growing attack surface introduced by agentic AI systems operating with elevated privileges.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.