Claude system prompts as a git timeline
Simon Willison has created a git-based tool to track the evolution of Anthropic's publicly published Claude system prompts across model versions, enabling structured diff analysis of prompt changes …
Google has patched a critical prompt injection vulnerability in an agentic AI tool designed for filesystem operations, where insufficient input sanitisation enabled sandbox escape and arbitrary code …
A now-patched vulnerability in Google's agentic IDE Antigravity allowed attackers to achieve arbitrary code execution by injecting malicious flags into the find_by_name tool's Pattern parameter, …
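The Antigravity summary above names the bug class, flag injection through a filename-pattern parameter, without showing the mechanism. The following is an added illustration written for this page, not Antigravity's code and not a reconstruction of the actual patch: it assumes a hypothetical tool that hands a user- or model-supplied pattern to `find`, once by interpolating it into a shell string (so the shell re-tokenises it) and once as a single argv element with validation. The search root, the injected pattern and the hardening rules are all constructed for the example.

```python
"""Argument injection via a filename-pattern parameter: vulnerable vs. hardened.

Hypothetical tool runtime; constructed for illustration, not the Antigravity code.
Nothing here executes `find`; the functions only build the argv that would run.
"""
import shlex

# Assumed search root of the hypothetical tool (not from the original page).
ROOT = "/workspace/project"

# Position of the pattern in the intended argv: ["find", ROOT, "-name", <pattern>]
_PATTERN_INDEX = 3


def build_find_argv_vulnerable(pattern: str) -> list[str]:
    """Vulnerable form: the pattern is pasted into a shell command line.

    The shell splits the string into words, so a pattern containing
    whitespace and `-exec` becomes extra `find` flags that execute commands.
    shlex.split() is used here to show what /bin/sh would see.
    """
    command_line = f"find {ROOT} -name {pattern}"
    return shlex.split(command_line)


def build_find_argv_hardened(pattern: str) -> list[str]:
    """Hardened form: validate the pattern and pass it as one argv element.

    Because there is no shell re-tokenisation, `-exec` inside the pattern can
    only ever be matched against filenames. The leading-dash check is belt and
    braces against option parsing in other consumers of the same value.
    """
    if not pattern or len(pattern) > 256:
        raise ValueError("pattern must be 1..256 characters")
    if pattern.startswith("-"):
        raise ValueError("pattern may not start with '-'")
    if any(ch in pattern for ch in "\0/\n\r"):
        raise ValueError("pattern may not contain NUL, '/', or newlines")
    return ["find", ROOT, "-name", pattern]


def injected_flags(argv: list[str]) -> list[str]:
    """Return any option-looking tokens that appear after the pattern slot.

    With a correctly built argv this list is always empty; anything here is
    attacker-controlled command structure, not data.
    """
    return [tok for tok in argv[_PATTERN_INDEX + 1:] if tok.startswith("-")]


def rejects(pattern: str) -> bool:
    """True if the hardened builder refuses the pattern."""
    try:
        build_find_argv_hardened(pattern)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    # Constructed attacker input: a valid-looking glob followed by an -exec clause.
    hostile = "'*.py' -exec sh -c 'id' ';'"
    print("vulnerable argv :", build_find_argv_vulnerable(hostile))
    print("injected flags  :", injected_flags(build_find_argv_vulnerable(hostile)))
    print("hardened argv   :", build_find_argv_hardened(hostile))
    print("rejects '-exec' :", rejects("-exec"))
```

The check to carry over to any agent tool that wraps a CLI: build argv as a list, never as a string, and treat every model-supplied parameter as data that must land in exactly one argv slot, then validate it for the slot's actual grammar (a `-name` glob has no business containing `/` or control characters).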
GoModel is an open-source AI gateway written in Go that provides a unified OpenAI-compatible API across multiple LLM providers including OpenAI, Anthropic, Gemini, Groq, xAI, and Ollama. As an …
A systemic 'by design' vulnerability in Anthropic's Model Context Protocol (MCP) SDK enables arbitrary remote code execution across all supported language implementations via unsafe STDIO transport …
Anthropic's published system prompt diff between Claude Opus 4.6 and 4.7 reveals significant expansions in agentic tool access, autonomous browsing capabilities, and child safety guardrails — changes …
Bruce Schneier analyses Anthropic's Claude Mythos Preview and Project Glasswing, a controlled deployment programme aimed at finding and patching software vulnerabilities before the model is publicly …
The article argues that AI's primary security risk lies not in introducing entirely new vulnerability classes, but in dramatically amplifying the impact and exploitability of well-established ones. …
A chained vulnerability in Cursor AI—a widely-used AI-powered code editor—allowed attackers to combine indirect prompt injection with a sandbox escape and the application's built-in remote tunnel …
A researcher has disclosed a novel prompt injection attack technique dubbed 'Comment and Control,' demonstrating that popular AI coding agents — including Claude Code, Gemini CLI, and GitHub Copilot …
OpenAI has expanded access to GPT-5.4-Cyber, a fine-tuned model designed for defensive cybersecurity applications, following Anthropic's reveal of its Mythos cybersecurity model. While framed as a …
Research published via Schneier on Security reveals that humans systematically over-trust LLMs in strategic game environments, defaulting to Nash-equilibrium rational play based on assumptions of LLM …
The article examines the architectural tension between fully agentic AI systems and deterministic validation frameworks in security testing contexts, arguing that unconstrained AI autonomy introduces …
A structural vulnerability in Anthropic's Model Context Protocol (MCP) allows unsanitized commands to be executed silently within AI environments, potentially enabling full system compromise. …
Capsule Security, an Israeli startup, has emerged from stealth with $7 million in seed funding focused on runtime security for AI agents, continuously monitoring their behaviour to detect and prevent …