LIVE THREATS
MEDIUM OpenAI Daybreak Deploys Agentic AI Models for Vulnerability Detection and Patching // LOW State Machine Guardrails Proposed to Rein In Uncontrolled AI Agent Tool Access // CRITICAL Mini Shai-Hulud Supply Chain Worm Compromises Mistral AI, Guardrails AI and TanStack … // HIGH Adversaries Leverage LLMs to Accelerate Exploit Development and Attack Automation // CRITICAL AI-Developed Zero-Day Exploit Used in Mass Exploitation Attempt, Mandiant Warns // CRITICAL AI-Generated Zero-Day Exploit Bypasses 2FA in First Confirmed Wild Use // MEDIUM LLMs Demonstrate Strong Capability for Covert Text Steganography // CRITICAL Typosquatted OpenAI Repo on Hugging Face Delivered Rust Infostealer to 244K Users // HIGH Fake OpenAI Repository on Hugging Face Delivers Rust-Based Infostealer // HIGH ClaudeBleed Flaw Lets Rogue Chrome Extensions Hijack AI Agent //
PERSISTENCE

Persistence

1 report
All LLM Security Industry News Agentic AI Research Supply Chain Prompt Injection Regulatory Adversarial ML Jailbreaks Model Theft Data Poisoning
Mini Shai-Hulud Supply Chain Worm Compromises Mistral AI, Guardrails AI and TanStack Packages
ATLAS OWASP CRITICAL Active exploitation · Immediate action required The Hacker News ▲ 9.2

Mini Shai-Hulud Supply Chain Worm Compromises Mistral AI, Guardrails AI and TanStack Packages

The TeamPCP threat actor has executed a broad supply chain campaign dubbed Mini Shai-Hulud, injecting credential-stealing malware into npm and PyPI packages from major AI and developer tooling …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service AML.T0018 - Backdoor ML Model