LIVE FEED
FIRST LOOK Yellow Teams Bring AI Offense and Defense Into One Security Function // FIRST LOOK Tracebit Ships AWS Context Bombing Defence Against AI Hacking Agents // FIRST LOOK FriendMachine Launches Jacquard Lang for AI-Written Code Review // CRITICAL Check Point 2026 AI Security Report: LLMs Now Run Live Attacks // FIRST LOOK OpenAI GPT-5.6 Sol Ships Faster Parallel Tool-Use for Agents // FIRST LOOK Meta Launches Muse Image with Public Instagram Photo Reuse // FIRST LOOK Estonia Launches State-Issued Digital IDs for AI Agents // HIGH AI Widens Skill-Ability Gap, Enabling Autonomous Cyberattacks // FIRST LOOK OpenAI Expands ChatGPT Into Family and Caregiver Households // FIRST LOOK Iroh Launches Mesh LLM for Distributed AI Across Peer Nodes //
CVE-2026-43715: Apple WebKit Memory Corruption Flaw

CVE-2026-43715: Apple WebKit Memory Corruption Flaw

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.2 The Hacker News

Apple patched over 30 vulnerabilities across iOS, macOS, and Safari, with four WebKit flaws credited to AI-assisted discovery by OpenAI Codex Security and Anthropic researchers using Claude. The disclosure marks a notable shift in AI's role in offensive and defensive security research, with Apple explicitly citing AI-accelerated exploit development as the reason for expediting its patch release timeline. This represents a concrete, documented instance of AI tooling being used to find memory corruption and use-after-free vulnerabilities in a major browser engine.

Mythos AI Exploits macOS Kernel Memory Corruption

Mythos AI Exploits macOS Kernel Memory Corruption

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 7.5 Schneier on Security

A threat group leveraged Anthropic's Mythos AI model to identify and exploit a kernel memory corruption vulnerability in Apple's M5 chip running macOS. This represents a concrete, reported instance of AI-assisted vulnerability research being used offensively to discover low-level hardware-adjacent exploits. The incident underscores the dual-use danger of increasingly capable AI coding and reasoning models in the hands of adversarial actors.

Autonomous Exploit Generation: Claude Mythos Risk

Autonomous Exploit Generation: Claude Mythos Risk

ATLAS OWASP HIGH Significant risk · Prioritise patching ▲ 8.5 Schneier on Security

Bruce Schneier analyses Anthropic's Claude Mythos Preview and Project Glasswing, a controlled deployment programme aimed at finding and patching software vulnerabilities before the model is publicly released due to its advanced cyberattack capabilities. The piece highlights a growing offensive AI capability gap, noting that newer LLMs can autonomously chain memory corruption bugs and operationalise exploits without human orchestration, while observing that defenders currently retain a marginal advantage because vulnerability discovery is easier than exploitation. Schneier warns that this advantage is narrowing rapidly and that the industry must prepare for a world of commoditised zero-day exploits.

◉ AI THREAT BRIEFING

Stay ahead of the threat.

Twice-weekly digest of critical AI security developments — every story mapped to MITRE ATLAS and OWASP LLM Top 10. Free.

No spam. Unsubscribe anytime.