LIVE THREATS
HIGH Python Supply-Chain Compromise // HIGH Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign // HIGH Google's Vertex AI Is Over-Privileged. That's a Problem // CRITICAL Flowise AI Agent Builder Under Active CVSS 10.0 RCE Exploitation; 12,000+ Instances … // CRITICAL How We Broke Top AI Agent Benchmarks: And What Comes Next // LOW Anthropic Claude Mythos Preview: The More Capable AI Becomes, the More Security It Needs // CRITICAL US summons bank bosses over cyber risks from Anthropic's latest AI model // HIGH Can Anthropic Keep Its Exploit-Writing AI Out of the Wrong Hands? // HIGH Browser Extensions Are the New AI Consumption Channel That No One Is Talking About // HIGH Process Manager for Autonomous AI Agents //
XMRIG

Xmrig

1 report
All LLM Security Industry News Agentic AI Supply Chain Regulatory Research Adversarial ML Model Theft Prompt Injection
SUPPLY CHAINOver 1,000 Exposed ComfyUI Instances inTargeted Cryptomining Botnet CampaignHIGHTHE HACKER NEWS7.2GRID THE GREY
ATLAS OWASP HIGH The Hacker News ▲ 7.2

Over 1,000 Exposed ComfyUI Instances Targeted in Cryptomining Botnet Campaign

Threat actors are actively exploiting internet-exposed ComfyUI instances — a popular AI image generation platform — by abusing its custom node execution feature to achieve unauthenticated remote code …

AML.T0010 - ML Supply Chain Compromise AML.T0047 - ML-Enabled Product or Service AML.T0040 - ML Model Inference API Access