Open-Source-Security

4 reports

All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning

ATLAS OWASP MEDIUM Simon Willison May 29, 2026 ▲ 6.2

SQLite Bans Agentic Code Submissions as AI Bug Report Floods Begin

SQLite has formally prohibited agentic code contributions and strengthened its policy language, reflecting growing concern over AI-generated submissions overwhelming open source maintainers. The …

AML.T0047 - ML-Enabled Product or Service AML.T0043 - Craft Adversarial Data

ATLAS OWASP HIGH The Hacker News May 25, 2026 ▲ 8.5

Anthropic's Claude Mythos Autonomously Uncovers 10,000 Critical Software Flaws

Anthropic's Project Glasswing has deployed Claude Mythos Preview — a frontier AI model — to autonomously discover over 10,000 high- and critical-severity vulnerabilities across widely used open-source …

AML.T0047 - ML-Enabled Product or Service AML.T0040 - ML Model Inference API Access AML.T0043 - Craft Adversarial Data

ATLAS OWASP HIGH Simon Willison May 08, 2026 ▲ 7.2

Claude Mythos AI-Assisted Fuzzing Uncovers 423 Firefox Security Bugs in One Month

Mozilla used early access to Anthropic's Claude Mythos model to systematically discover and patch hundreds of previously unknown vulnerabilities in Firefox, including bugs over 15–20 years old. The …

AML.T0040 - ML Model Inference API Access AML.T0047 - ML-Enabled Product or Service AML.T0043 - Craft Adversarial Data

ATLAS OWASP HIGH HN AI Security Apr 16, 2026 ▲ 8.5

Does Gas Town 'steal' usage from users' LLM credits to improve itself?

Gas Town, a developer tool with 14.2k GitHub stars, allegedly ships configuration files that autonomously consume users' LLM API credits and GitHub account permissions to perform work on the …

AML.T0010 - ML Supply Chain Compromise AML.T0012 - Valid Accounts AML.T0047 - ML-Enabled Product or Service