v2.1.209
What's changed Fixed /model and other dialogs being blocked in claude agents background sessions (reverts an overly broad guard)
tools299 entries. Last updated .
Curated AI security news, tool releases, and CVEs. Updated daily.
No entries match this filter yet. Pick another category or check back tomorrow.
What's changed Fixed /model and other dialogs being blocked in claude agents background sessions (reverts an overly broad guard)
toolsWhat's changed Added screen reader mode: opt-in plain-text rendering for screen reader users. Run claude --ax-screen-reader , set CLAUDE_AX_SCREEN_READER=1, or …
tools
DOOMQL Peter Gostev built this using GPT-5.6 Sol. This is a lot of fun: DOOMQL started with a deliberately unreasonable question: what if SQLite were the game …
research
In some companies, engineers are building defense and attack tools to test the potential of artificial intelligence for cybersecurity — and its threat.
newsPatch Changes Updated dependencies [ 7c49b47 , e0a0ab7 , 8e1d2e9 , 3f07a32 ]: @modelcontextprotocol/server@2.0.0-beta.4
toolsPatch Changes #2486 ee8267a Thanks @felixweinberger ! - Version the codemod together with the core SDK packages, matching the migration guide's shared-version …
toolsPatch Changes Updated dependencies [ 7c49b47 , e0a0ab7 , 8e1d2e9 , 3f07a32 ]: @modelcontextprotocol/server@2.0.0-beta.4
toolsMinor Changes #2477 8e1d2e9 Thanks @felixweinberger ! - Move the schema source modules (spec schemas, OAuth schemas, protocol constants) into …
toolsMinor Changes #2477 8e1d2e9 Thanks @felixweinberger ! - Move the schema source modules (spec schemas, OAuth schemas, protocol constants) into …
toolsMinor Changes #2468 5db6e38 Thanks @felixweinberger ! - The response cache now stores results as JSON-serialized documents (serialize on write, parse on read) …
toolsPatch Changes Updated dependencies [ 7c49b47 , e0a0ab7 , 8e1d2e9 , 3f07a32 ]: @modelcontextprotocol/server@2.0.0-beta.4
toolsMinor Changes #2477 8e1d2e9 Thanks @felixweinberger ! - Move the schema source modules (spec schemas, OAuth schemas, protocol constants) into …
toolsPatch Changes Updated dependencies [ 7c49b47 , e0a0ab7 , 8e1d2e9 , 3f07a32 ]: @modelcontextprotocol/server@2.0.0-beta.4
tools
Somewhere right now, a security tool is quietly finding bugs faster than any human can fix them. That's supposed to be the good news. The catch is that the …
news
Give an AI assistant a memory and access to your inbox, and you hand an attacker a way to rewrite what it thinks it knows about you. A single email can trick …
news
A new phishing-as-a-service (PhaaS) operation called Forg365 is using a combination of device code phishing, adversary-in-the-middle (AitM) tactics, antibot …
newsAn open source, AI-driven system adopts victim personas to engage with phishing attackers, allowing organizations and law enforcement to gather relevant data on …
newsGoogle and AIM launched ATL Saathi, a Gemini-powered AI tool empowering Indian educators in robotics labs.
vendor
Meta has filed a patent application for an AI that listens to your voice throughout the day, works out how it thinks you are feeling from the way you sound, and …
news
A few days ago, I was sitting with the CISO of a Fortune 50 company, walking through how his security team was thinking about AI agents in the SOC. Smart team. …
news
Cybersecurity researchers have flagged an intrusion in which an unknown threat actor leveraged a vibe-coded PowerShell script for Active Directory (AD) …
news
OpenAI is temporarily relaxing GPT-5.6 Sol usage after demand for the company's most powerful model surged over the past 48 hours. [...]
newsOne of the consequences of GPT-5.6 Sol being clearly a Fable/Mythos class model is that Anthropic have, once again, bumped the date that Fable stops being …
researchRelease: sqlite-utils 4.1.1 Mainly a fix for an edge case that regular Claude chat spotted while experimenting with the 4.1 release to answer a question about …
research
Anthropic has just extended access to Claude Fable 5 for paid subscribers until July 19, giving you another week to keep using the most powerful model. [...]
news
A PNG hiding a prompt injection could steal your repo's secrets, researchers demonstrate. The technique, dubbed 'Ghostcommit,' slipped past AI code reviewers …
newsWhat's changed Auto mode is now available without CLAUDE_CODE_ENABLE_AUTO_MODE opt-in on Bedrock, Vertex AI, and Foundry; disable via disableAutoMode in …
tools
Details have emerged about three now-patched security flaws in the OpenClaw personal artificial intelligence (AI) assistant that, if successfully exploited, …
news
AI agents are accelerating the growth of non-human identities, making it harder for organizations to understand what exists, who owns it, and what it can …
news
AI coding tools cost $19-$200/month/user, but security scanning, remediation, and false positives add hidden costs. Are the productivity gains worth it?
news
A threat actor has been targeting organizations spanning multiple sectors with voice-based fake security requests that prompt Microsoft 365 users to enroll a …
news
How Deutsche Telekom is becoming an AI-native telco with OpenAI-transforming customer service, employee workflows, network operations, and the future of voice.
vendorRelease : v2026.7.10 Updated packages @modelcontextprotocol/server-filesystem@2026.7.10 mcp-server-time@2026.7.10 mcp-server-fetch@2026.7.10 …
toolsWhat's changed Added directory path suggestions to /cd , matching /add-dir behavior Added a /doctor check that proposes trimming checked-in CLAUDE.md files by …
tools[...] Work on web and mobile runs in the cloud. Work in the desktop app can also use local files and desktop apps with your permission. At launch, cloud Work …
research
Learn how to use ChatGPT, start your first conversation, and discover simple ways to write, brainstorm, and solve problems with AI.
vendor
OpenAI's latest flagship model hit general availability this morning , and comes in three sizes: Luna, Terra, and Sol (from smallest to largest). The new models …
research
If you're handling them like a service account or API token, consider yourself behind. AI agents need a fundamentally different approach.
news
Microsoft says Windows users should expect to see an increase in security updates as the company increasingly relies on artificial intelligence to discover …
newsRelease: llm-meta-ai 0.1 Let's LLM run prompts against the new muse-spark-1.1 model. Tags: llm , meta
researchRelease: llm 0.31.1 Fix for a bug with OpenAI Chat Completion endpoints where a tool call with empty arguments could result in a JSON error from some providers. …
research
A new phishing-as-a-service (PhaaS) operation called Forg365 focuses on stealing Microsoft 365 accounts by combining adversary-in-the-middle (AiTM) and device …
news
Security operations don't slow down when IT teams take vacation, but staffing levels often do. Kaseya explains how AI-driven automation can help organizations …
newsPatch Changes #2419 79dc162 Thanks @felixweinberger ! - Read the v2 package versions the codemod writes into migrated package.json files directly from the …
toolsPatch Changes #2456 44797d7 Thanks @felixweinberger ! - Restore the v1 parse tolerance for CallToolResult.content : an inbound legacy-era tools/call result …
toolsPatch Changes #2420 7635115 Thanks @felixweinberger ! - Add runtime-neutral Bearer authentication to @modelcontextprotocol/server : requireBearerAuth gates …
toolsPatch Changes Updated dependencies [ 44797d7 , 1b90c96 , 561c6d8 , ce2f65d , 7e69735 , e8de519 , 0ab5d14 , 24be404 , 7635115 , 61866d7 ]: …
toolsMinor Changes #2369 24be404 Thanks @mattzcarey ! - Allow inputRequired.elicit() to accept a Standard Schema such as a Zod object for requestedSchema . The …
toolsPatch Changes #2456 44797d7 Thanks @felixweinberger ! - Restore the v1 parse tolerance for CallToolResult.content : an inbound legacy-era tools/call result …
toolsPatch Changes #2441 561c6d8 Thanks @felixweinberger ! - POSTs whose Content-Type media type is not application/json are now rejected with 415 Unsupported Media …
toolsPatch Changes #2441 561c6d8 Thanks @felixweinberger ! - POSTs whose Content-Type media type is not application/json are now rejected with 415 Unsupported Media …
tools
A cryptomining incident highlights how AI gateways can provide access to AI models, cloud infrastructure, and identity and access management (IAM) data.
news
Learn how GPT-5.6 powers Microsoft 365 Copilot with stronger AI capabilities across Word, Excel, PowerPoint, Chat, and Cowork for faster, higher-quality work.
vendor
AI has changed how fast attacks move. Work that once took an attacker days now takes minutes. Using models like Mythos, attackers write tailored bait, pick …
news
This month exposed a harsh reality: autonomous coding agents are expanding the enterprise attack surface faster than we can patch them. Explore our digest of 19 …
research
More intelligence from every token, stronger performance per dollar, and more capability on demand for your hardest work.
vendor
ChatGPT Work is an agent that can take action across your apps and files, stay with a project for hours if needed, and turn a goal into finished work.
vendor
Details about the OpenAI Bio Bounty program
vendor
Meta has announced that its new artificial intelligence (AI) model Muse Image lets people use public Instagram posts and reels to generate AI content, and it's …
news
Ask an AI coding agent to scan open-source code for security holes, and it might run the attacker's code on your own machine instead. That is the finding in a …
news
Researchers at Wiz found that a flaw in six popular AI coding assistants lets a booby-trapped code project quietly take control of a developer's computer. The …
newsIntroducing GPT‑Live OpenAI finally upgraded the model used by ChatGPT voice mode! I've had preview access for a few weeks in the iPhone app, and the new model …
researchWhat's changed Added an auto mode rule that blocks tampering with session transcript files Fixed --json-schema silently producing unstructured output when the …
tools
The attacker exploited AI workflows, chained cloud weaknesses, and stolen credentials to extort a large Amazon customer.
newsI just declared a moratorium against AI-written change descriptions (e.g. PR and commit messages, also issues/tickets) from my team. AI was writing change …
research
Sophos looked at a week of its own endpoint data and found that AI coding agents such as Claude Code, Cursor, and OpenAI Codex are setting off detection rules …
news
AI coding assistants have a habit of making things up. Ask one to fetch a popular tool, and it will sometimes hand back a real-sounding name for a project that …
news
Specops Software explains how AI is making service desk impersonation attacks more convincing, personalized, and scalable, along with practical steps …
news
Learn how OpenAI approaches government and national security partnerships, with principles for responsible AI use, democratic accountability, and public safety.
vendor
A new analysis from OpenAI reveals issues in SWE-Bench Pro, a popular coding benchmark, raising concerns about reliability and accuracy in evaluating AI models.
vendor
A cybersecurity startup dangling millions of dollars to acquire zero-day security vulnerabilities in popular software is run by a pair of far-right conspiracy …
news
An AI coding assistant that refuses to answer a dangerous request in its chat box can answer it anyway if the same request is broken into small, …
news
OpenAI Academy and the Walton Family Foundation are bringing hands-on AI Skills Jams to help K–12 educators build practical AI skills for the classroom.
vendor
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) gave federal agencies until Friday to patch an actively exploited vulnerability in the Langflow …
news
The world's digital testing ground plans to help people use AI agents for government purposes.
newsWhat's changed Fixed hook events not streaming during SessionStart hooks in headless sessions, which could cause remote workers to be idle-reaped mid-hook
tools
A new generation of voice models for natural human-AI interaction, now powering ChatGPT Voice.
vendorWhat's changed Added a warning when your login is about to expire, so you can re-authenticate before background sessions are interrupted Added a grey ⏸ badge to …
tools
Varonis reported the flaw to Google in late 2025 and it has been addressed, but it reminds defenders to take a fresh look at their AI Infrastructure security.
newsTool: github-code Web Component An experimental Web Component built using GPT-5.5 and the following prompt : let's build a Web Component for embedding code from …
research
Cybersecurity researchers have disclosed details of a now-patched critical session isolation vulnerability in Writer, an enterprise generative artificial …
news
Tomorrow's webinar explores how behavioral AI can help organizations detect sophisticated phishing, business email compromise, and account takeover attacks …
news
Software supply chain security was hard enough. Then AI joined the build pipeline. For five years, "software supply chain security" meant one question: what's …
newsRelease: sqlite-utils 4.0rc4 The last RC before the 4.0 stable release. Mainly implements feedback from a detailed review by Claude Fable 5. Tags: sqlite-utils …
research
See how Australian Payments Plus uses ChatGPT Enterprise and Codex to move faster through payments complexity. AP+ saves time, improves quality, and keeps human …
vendor
MUFG uses ChatGPT Enterprise to build an AI-native organization, improve workflows, and deliver new AI-powered financial services at scale.
vendorWhat's changed Added a "Dynamic workflow size" setting in /config for controlling how large Claude generally makes dynamic workflows (small/medium/large agent …
tools
A phishing campaign is impersonating more than 30 well-known brands, including Adobe, Netflix, Coca-Cola, and OpenAI, in fake job interviews to steal Google …
news
An "agentic threat actor" successfully exploited a Langflow flaw to steal data from a production database server and encrypt other systems.
news
July's security digest covers the critical MCP vulnerabilities, real-world MCP exploitation, NSA's official MCP hardening guidelines. Explore these essential …
research
Every evolution in software development has reduced the friction between an idea and a deployable application. AI may remove the final barrier, but it also …
news
A streaming box should not need a threat model. Neither should a username field, a demo repo, a reset flow, or a browser permission prompt. That is the …
news
Building a shortlist for an AI SOC evaluation can be tough. SIEM, SOAR, and pureplay AI SOC vendors are all saying the same thing. But behind the identical …
news
Scanners meant to catch malicious add-on "skills" for AI coding agents can be fooled by a few simple changes that leave the malware working, according to a new …
newsRelease: sqlite-utils 4.0rc3 I hoped to release sqlite-utils 4.0 stable this weekend, but as I worked through the backlog of issues and PRs with a combination …
research
I wrote about the sqlite-utils 4.0rc1 release a couple of weeks ago. Since we only have Claude Fable on our Max subscriptions for a few more days, I decided to …
researchRelease: sqlite-utils 4.0rc2 See sqlite-utils 4.0rc2, mostly written by Claude Fable (for about $149.25) .
researchRelease : v2026.7.4 Updated packages @modelcontextprotocol/server-everything@2026.7.4 @modelcontextprotocol/server-filesystem@2026.7.4 …
toolsBetter Models: Worse Tools Armin reports on a weird problem he ran into while hacking on Pi: The short version is that newer Claude models sometimes call Pi’s …
research
Researchers identified what they believe is the first documented case of a ransomware operation, JadePuffer, conducted entirely by a large language model (LLM) …
newsWhat's changed Claude Sonnet 5 sessions no longer use the mid-conversation system role for harness reminders
toolsOpen Source AI Gap Map Current AI is "a global partnership building a public option for AI", founded as a non-profit at the AI Action Summit in Paris in …
researchOne of the most interesting tips I got from the Fireside Chat I hosted with Cat Wu and Thariq Shihipar from the Claude Code team at AIE on Wednesday was to let …
researchWhat's changed Changed AskUserQuestion dialogs to no longer auto-continue by default; opt into an idle timeout via /config Changed the "default" permission mode …
toolsThe June edition of my sponsors-only monthly newsletter is out. If you are a sponsor (or if you start a sponsorship now) you can access it here . This month: …
research
Anthropic says Claude Fable 5 won't be accessible via Claude subscriptions after July 7, but it's not a permanent change, and the company expects the model to …
news
Claude Fable, the company's most powerful model, is now available to all users, but early impressions are disappointing, as it appears to be nowhere near the …
newsWhat's changed Stacked slash-skill invocations like /skill-a /skill-b do XYZ now load all leading skills (up to 5), not just the first Fixed SSL certificate …
toolsRelease: llm-coding-agent 0.1a0 Another Fable 5 experiment. Now that my LLM library has evolved into more of an agent framework it's time to see what a simple …
research
Expect more compressed patching cycles from Apple going forward, as attackers leverage artificial intelligence to reduce time to exploit.
newsResearch: Using DSPy to evaluate and improve Datasette Agent's SQL system prompts One of this morning's AIE keynotes covered dspy , which reminded me I've been …
research
This week’s security news is mostly about weak spots. Browsers, bots, sandboxes, AI systems, and email flows all show the same problem in different ways. …
news
July 2026's agentic AI security roundup: agentic zero trust whitepapers, AutoJack & other new exploits, and the newest agent defenses. The post Top Agentic AI …
research
IBM and Red Hat assign 20,000 engineers to the new Project Lightwell service as Anthropic's Mythos findings ignite debate over how to secure the open-source …
newsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
toolsPatch Changes #2405 f172626 Thanks @mattzcarey ! - Ship CommonJS builds alongside ESM. Each package now emits both .mjs / .d.mts and .cjs / .d.cts (via tsdown …
tools
Microsoft has fixed a known issue causing the Copilot Chat or Copilot buttons in Classic Outlook to disappear for Windows users with the Copilot Chat (Basic) …
news
Identity lifecycle management was architected around a person with an employment record, a manager, and a departure date. AI agents have none of those. As …
news
Security firm Sysdig says it has found what it believes is the first ransomware attack run from start to finish by an AI agent. Its Threat Research Team calls …
newsMore details on Fable 5’s cyber safeguards and our jailbreak framework
vendorWhat's changed Claude in Chrome is now generally available Added background agent notifications in claude agents — sessions that need input or finish now fire …
tools
Modern phishing, business email compromise, and account takeover attacks increasingly exploit trusted identities and legitimate business workflows, making them …
news
LLMs consistently hallucinate Web domains for legitimate brands that attackers can register for malicious activity in a difficult-to-detect attack vector.
news
Two flaws in Cursor, an AI code editor, could let a single, ordinary-looking prompt break out of the editor's safety sandbox and run any command on a …
news
Cybersecurity researchers have flagged a new malware artifact generated using DeepSeek that constructed a novel attack path combining "unrealistic …
news
Large language models keep inventing web addresses that do not exist. Attackers have started buying those made-up domains before anyone else can, then hosting …
news
Anthropic is putting Claude Fable 5 back online worldwide. On June 30, the U.S. Commerce Department lifted the export controls it had imposed on Fable and its …
news
Anthropic has confirmed that the Department of Commerce has lifted export controls on Claude's two most powerful models, Fable 5 and Mythos 5. [...]
newsWe’ve received notice that the Department of Commerce has lifted export controls on Claude Fable 5 and Mythos 5. We'll begin restoring access tomorrow, and will …
researchFirst v2 beta, and the first release with full support for the 2026-07-28 MCP specification . Pre-releases are opt-in only; pip install mcp still resolves to …
tools
Anthropic is now rolling out Sonnet 5, and it's almost as good as the Opus range, but it is designed to be cheaper than the company's flagship model. [...]
newsv2 is a major revision of the TypeScript SDK for the 2026-07-28 MCP spec , and it's now in beta. The API is settling but can still change before the stable …
toolsPatch Changes #2402 a400259 Thanks @felixweinberger ! - First beta release of SDK v2 with support for the MCP 2026-07-28 specification revision. See the …
toolsPatch Changes #2402 a400259 Thanks @felixweinberger ! - First beta release of SDK v2 with support for the MCP 2026-07-28 specification revision. See the …
toolsPatch Changes #2402 a400259 Thanks @felixweinberger ! - First beta release of SDK v2 with support for the MCP 2026-07-28 specification revision. See the …
toolsPatch Changes #2402 a400259 Thanks @felixweinberger ! - First beta release of SDK v2 with support for the MCP 2026-07-28 specification revision. See the …
toolsPatch Changes #2402 a400259 Thanks @felixweinberger ! - First beta release of SDK v2 with support for the MCP 2026-07-28 specification revision. See the …
tools
Nano Banana 2 Lite Also known as Gemini 3.1 Flash Lite Image ( gemini-3.1-flash-lite-image in their API ), this is the "fastest and cheapest Gemini image model, …
research
A new prompt injection attack dubbed "BioShocking" could trick AI-powered browsers into treating real-world risky actions as part of a fictional scenario, …
news
"Agentjacking" is the latest demonstration of how easily attackers can exploit an AI agent's inability to differentiate between content and instructions.
news
What's new in Claude Sonnet 5 Claude Sonnet 5 came out this morning . I always head straight for the "what's new" developer docs because they tend to have more …
research
Attackers don't need any special authentication to reach a target endpoint — they just need to know where it is.
newsMinor Changes #2286 1823aae Thanks @felixweinberger ! - createMcpHandler now returns a web-standards-only { fetch, close, notify, bus } handler — the shape …
toolsMinor Changes #2286 1823aae Thanks @felixweinberger ! - Add Origin header validation alongside the existing Host header validation. The server package gains …
toolsMinor Changes #2286 1823aae Thanks @felixweinberger ! - SEP-2468 follow-up: transport.finishAuth() gains a URLSearchParams overload (preferred) that extracts …
toolsMajor Changes #2286 1823aae Thanks @felixweinberger ! - Split the wire layer into per-era codecs and make protocol-revision deletions physical. Deliberate …
tools
As AI reshapes cybersecurity workflows, John Paul Cunningham, CISO at SIlverfort, says the technology is creating opportunities rather than eliminating jobs — …
newsWhat's changed Introducing Claude Sonnet 5: now the default model in Claude Code, with a native 1M-token context window and promotional pricing of $2/$10 per …
tools
New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the …
newsThe AI Compass This political compass style quiz by bambamramfan is pretty neat - answer 29 questions about AI and AI ethics to see which of the 30 archetypes …
research
Threat actors are continuing to exploit a critical Langflow vulnerability as part of fresh attacks designed to deliver a Monero cryptocurrency miner. The …
news
A malicious extension in the Chrome Web Store is masquerading as the Perplexity AI answer engine, intercepting search traffic and collecting browsing …
news
The safety check that is supposed to stop an AI coding agent from running a dangerous command can be walked straight past using a shell trick that has been …
news
Researchers tested 444 AI chatbot apps for iPhone and found that 282 of them, nearly two-thirds, exposed paid AI access through their network traffic. In many …
news
AI coding assistants run shell commands with your full account authority, but their security filters are fundamentally flawed. Meet GuardFall: a vulnerability …
research
Teams are dealing with a truly dangerous problem — automation that works, but that no one understands.
news
New OpenAI Signals data shows how ChatGPT adoption is growing globally, with users increasing usage, exploring more capabilities, and driving growth across …
vendor
Convince an AI browser that it is playing a game, and it can hand over your login details. That is the finding behind BioShocking, a technique from security …
news
Apple on Monday released security updates for iOS, macOS, and the Safari web browser to address over three dozen flaws, including four vulnerabilities in WebKit …
news
Introducing GeneBench-Pro, a new benchmark testing AI performance in genomics, biology, and scientific research using complex, real-world datasets.
vendor
OpenAI engineers used large-scale core dump analysis to debug rare infrastructure crashes, uncovering both a hardware fault and a long-standing software bug.
vendor
Claude Science, an AI workbench for scientists, is now available
vendor
Introducing Claude Sonnet 5
vendor
Redeploying Fable 5
vendorWhat's changed Added support for organization default models — admins set it in the org console; it shows as "Org default" (or "Role default") in /model when …
tools
The infostealer was delivered via CVE-2026-48558, a critical authentication bypass vulnerability in SimpleHelp, targeting credentials linking development and …
news
Microsoft has found a malicious Chrome extension that posed as the AI search engine Perplexity and quietly logged what people searched for. It routed every …
news
Ornith-1.0: Self-Scaffolding LLMs for Agentic Coding This is an interesting new open weights (MIT licensed) model, the first model release from DeepReinforce. …
research
This week was a reminder that attackers do not always need big tricks. One small mistake, one old access path, one missed patch, and suddenly the door is open. …
news
AI agents can access data, trigger workflows, and take action across enterprise systems. Token Security explains why governing these privileged identities is …
news
Business email compromise attacks increasingly rely on convincing impersonation rather than malware, making them harder for employees and traditional email …
news
Adversaries could plant a malicious repository that can execute arbitrary code and steal cloud credentials by exploiting the vulnerability, which showcases …
news
A new OpenAI report maps how AI could reshape jobs across the EU, highlighting which occupations may face automation, growth, or workflow changes.
vendor
HP Inc. scales its OpenAI Frontier partnership to deploy AI across customer experiences, software development, and enterprise operations.
vendor
An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious payload that remains invisible to …
news
OpenAI on Friday released three versions of GPT-5.6, called Sol, Terra, and Luna, as a limited preview to a small number of companies as part of an ongoing …
newsWhat's changed Added CLAUDE_CODE_DISABLE_MOUSE_CLICKS to disable mouse click/drag/hover in fullscreen mode while keeping wheel scroll Fixed hook matchers with …
toolsThis is like saying there's no learning curve to being a manager because your employees will just do whatever you tell them to do. — Timothy B. Lee , on the …
research
Companies are still experimenting with automated AI systems to find security weaknesses, but fewer are relying on the technology.
newsWhat happened after 2,000 people tried to hack my AI assistant Fernando Irarrázaval ran a challenge on hackmyclaw.com to see if anyone could leak secrets held …
researchIncident Report: CVE-2026-LGTM Spectacular hypothetical incident report by Andrew Nesbitt. Day 2, 16:00 UTC --- Two AI review agents from competing vendors, …
research
Threat actors are creating OpenAI tenants that impersonate legitimate companies and inviting employees to join them, in what appears to be a ploy to trick …
newsWe're beginning a limited preview of the GPT‑5.6 series: Sol, our flagship model; Terra, a balanced model for everyday work; and Luna, a fast and affordable …
research
Instead of eliminating jobs for early-career cyber pros, AI is creating new opportunities for candidates with strong human decision-making skills.
news
AI won't replace GRC analysts, but it can eliminate much of the repetitive work they do. Anecdotes walks through building an agent that continuously monitors …
news
A high-severity flaw in Amazon Q Developer let a malicious repository run commands and steal a developer's cloud credentials. The path was short: a developer …
newsWhat's Changed [v1.x] Buffer per-request StreamableHTTP streams; store priming event before dispatch by @maxisbey in #2948 [v1.x] Set Development Status …
tools
AI agents are moving through enterprise environments, inheriting permissions, traversing systems, and executing decisions at machine speed with minimal …
news
OpenAI previews GPT-5.6 Sol, a next-generation model with stronger capabilities in coding, science, and cybersecurity, paired with its most advanced safety …
vendorThird v2 alpha. Pre-releases are opt-in only; pip install mcp still resolves to the stable 1.x line. pip install mcp==2.0.0a3 # or uv add " mcp==2.0.0a3 " See …
tools
Anthropic appears to be testing Claude Cowork support on mobile, allowing you to manage long-running Claude tasks from your phone. [...]
newsAI and Liability Bruce Schneier on the recent German ruling that Google be held liable for errors introduced in their AI overviews: AI agents are agents of the …
researchWhat's changed Added autoMode.classifyAllShell setting to route all Bash/PowerShell commands through the auto-mode classifier instead of only …
toolsMinor Changes #2206 e03bca9 Thanks @KKonstantinov ! - Add @modelcontextprotocol/server-legacy package with frozen v1 SSE transport and OAuth Authorization …
tools
A newly discovered macOS malware dubbed "Gaslight" is designed to confuse AI-assisted malware analysis tools by hiding prompt injection strings and fake …
news
It’s dumb out there again. This week has the usual smell of prod on fire and nobody wanting to admit who left the door open — old creds still working, trusted …
news
Last year, Jun Kokatsu disclosed an interesting vulnerability with ChatGPT Operator by exploiting a race condition. I was wondering if I could reproduce this …
research
Account takeover attacks continue to challenge security teams because attackers often operate through legitimate accounts and trusted services. This webinar …
news
OWASP ranks Identity & Privilege Abuse #3 because it sets the blast radius for every other AI agent risk. Read our full technical guide to ASI03: the five …
research
A previously undocumented Rust-based macOS implant and information stealer has been found to embed a prompt injection payload designed to trick a malware …
news
A new OpenAI research paper shows how AI agents are transforming work, enabling longer, more complex tasks and expanding productivity across roles.
vendorsimonw/browser-compat-db Inspired by Mozilla's new MDN MCP service - source code here - I decided to try converting their comprehensive mdn/browser-compat-data …
researchWhat's changed Added /rewind support for resuming a conversation from before /clear was run Fixed scroll position jumping to the bottom while reading earlier …
toolsIn the last few months, I've started to see [job applications] that were clearly cowritten by an LLM, link to an LLM-generated portfolio site, which then links …
research
OpenClaw removed five packages from ClawHub, its skills marketplace, that bypassed security checks even though they included infostealers and other threats.
news
What's changed Bug fixes and reliability improvements
tools
OpenAI and Broadcom introduce Jalapeño, a custom AI chip built for LLM inference to improve performance, efficiency, and scale across AI systems.
vendorWhat's changed Added sandbox.credentials setting to block sandboxed commands from reading credential files and secret environment variables Added org-configured …
tools
The CI/CD workflow weakness affects Microsoft's Azure Sentinel, Google's AI Agent Development Kit, Apache's Doris analytics database, Cloudflare's Workers SDK, …
news
GPT-5 Pro helped solve a 3-year-old immunology mystery, offering insights into T cell behavior. The breakthrough could support cancer and autoimmune research.
vendor
Security firm AIR built a fake AI agent skill, pushed it through a popular skill marketplace and an Instagram ad, and says it reached roughly 26,000 agents, …
news
OpenAI helps build shared standards for advanced AI, supporting evaluation frameworks, safety practices, and global cooperation through the Appia Foundation.
vendor
Phishing, BEC, and account takeover attacks continue to overwhelm security teams with alerts and investigations. This webinar explores how behavioral AI can …
news
Every weapon begins as an extension of the hand that holds it. The spear lengthened the reach of the arm. The bow sent the point flying without the throw. The …
news
An AI CTF write-up detailing a five-stage prompt injection challenge: what failed, what worked, and which LLM jailbreak techniques transfer to real guardrail …
research
OpenAI on Monday said it's releasing an improved version of its GPT‑5.5‑Cyber model to trusted defenders as part of the Daybreak initiative the artificial …
news
Discover how Omio uses OpenAI to power conversational travel experiences, accelerate product development, and transform into an AI-native company.
vendor
Introducing Claude Tag
vendorPrompt Injection as Role Confusion First, I absolutely love this: This is a blog-style writeup of the paper. I wish every paper would come with one of these. …
research
This morning on Hacker News I saw Moebius: 0.2B Lightweight Image Inpainting Framework with 10B-Level Performance , describing a small but effective inpainting …
research
Four vulnerabilities allow attackers to exploit Dify, a platform for AI application building and management, to silently access and exfiltrate sensitive data.
newsWhat's changed Added claude mcp login <name> and claude mcp logout <name> to authenticate MCP servers from the CLI without opening the interactive /mcp menu, …
tools
A vulnerability chain dubbed AutoJack in Microsoft's AutoGen Studio interface for prototyping AI agents could let attackers manipulate an agent into executing …
news
Cybersecurity researchers have disclosed details of four vulnerabilities in Dify, an open-source agentic workflow platform with more than 146,000 GitHub stars, …
news
Earlier this month, I spoke at the Gartner Security & Risk Management Summit about a blind spot most security programs are still not accounting for - how …
news
OpenAI introduces new Daybreak tools, including Codex Security and GPT-5.5-Cyber, to help organizations find, validate, and patch vulnerabilities at scale.
vendor
OpenAI introduces Patch the Planet, a Daybreak initiative helping open-source maintainers find, validate, and fix vulnerabilities with AI and expert review.
vendor
A new report from INTERPOL has revealed a "dramatic increase" in cybercrime in Asia and the South Pacific, fueled by rapid digitalization, internet penetration, …
news
Learn how Jason Liu uses Codex to preserve context, manage complex projects, and help work continue beyond a single prompt.
vendor
Samsung Electronics deploys ChatGPT Enterprise and Codex to employees worldwide, marking one of OpenAI’s largest enterprise AI rollouts.
vendorTemporary Cloudflare Accounts for AI agents The announcement says this is "for AI agents" but (as is pretty common these days) the AI hook isn't really …
researchWhat's changed The stream-stall hint now reads "Waiting for API response · will retry in …" instead of "No response from API · Retrying in …", and triggers …
tools
Microsoft has attributed a recent Mastra AI supply chain attack that compromised more than 140 npm packages to the North Korean hacking group Sapphire Sleet, …
newsThe real valuable capability MCP offers over skills/CLI is isolating the auth flow outside of the agent’s context window, and potentially out of the harness …
research
Microsoft researchers have detailed an exploit chain, named AutoJack, that turns an AI browsing agent into a delivery vehicle for remote code execution. Steer …
news
AI agents can access data, trigger workflows, deploy code, and interact with critical business systems, often with little oversight. Token Security breaks down …
newsAs threats proliferate and AI complicates cybersecurity, CISOs say the job is getting harder, but more companies still want cybersecurity expertise, if even on …
news
Modern phishing attacks, including Device Code phishing, can undermine MFA protections and grant attackers access to corporate accounts without stealing …
news
Introduction The average enterprise security team has 40 or more security tools, giving a lot of visibility into internal telemetry and asset data. But often, …
news
The first wave of enterprise AI concern was straightforward. It was simply employees pasting sensitive data into public AI tools. Security teams responded with …
news
A New York man faces cyberstalking charges after allegedly sharing AI-generated nude images and fabricated racist messages using fake social media profiles to …
newsWhat's changed Improved auto mode safety: destructive git commands ( git reset --hard , git checkout -- . , git clean -fd , git stash drop ) are now blocked …
toolschore: vscode 2.0.0 Co-authored-by: Cursor <cursoragent@cursor.com>
toolschore: vscode 2.1.0 Co-authored-by: Cursor <cursoragent@cursor.com>
tools
OpenAI introduces new spend controls and usage analytics for ChatGPT Enterprise, helping organizations manage costs and scale AI with confidence.
vendor
If an autonomous AI agent interacts with your company's core intellectual property today, can your security team instantly name the person who authorized it? …
news
The internet did not break this week. It got used exactly as designed, which is worse. Searches were siphoned through shady browser add-ons. AI chat links …
news
Learn how GPT-5.5 Instant improves ChatGPT’s health and wellness responses with stronger reasoning, better context, clearer communication, and …
vendor
Researchers used an OpenAI reasoning model to help diagnose rare diseases, identifying 18 new diagnoses in previously unsolved cases.
vendor
"Shield-6G" will combine AI threat detection, digital twins, honeypots, and more, to help carriers protect 6G networks against the threats of tomorrow.
news
OpenAI appears to be testing a new subscription and experience for science use cases, but it's unclear if it'll be available to everyone regardless of their …
news
Chinese AI lab Z.ai released GLM-5.2 to their coding plan subscribers on June 13th, and then yesterday (June 16th) released the full open weights under an MIT …
researchWhat's changed Added /config key=value syntax to set any setting from the prompt (e.g. /config thinking=false ) — works in interactive, -p , and Remote Control …
tools
An unknown threat actor has been observed leveraging paid or promoted posts on legitimate news websites to drum up buzz for their warez, according to new …
news
OpenAI and Molecule.one show how a near-autonomous AI chemist using GPT-5.4 improved a key drug-making reaction, advancing medicinal chemistry research.
vendor
Cybersecurity researchers have flagged a "coordinated malware campaign" on the JetBrains Marketplace that has published no less than 15 malicious plugins …
news
As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building …
news
Introducing LifeSciBench, an expert-authored, expert-reviewed benchmark for evaluating how AI systems handle real-world life science research tasks and …
vendorAnthropic opens Seoul office and announces new partnerships across the Korean AI ecosystem
vendor
An open letter signed by dozens of security experts asked the government to reverse export restrictions on Anthropic's Claude Fable 5 and Mythos 5 models.
newsSecond v2 alpha. Pre-releases are opt-in only; pip install mcp still resolves to the stable 1.x line. pip install mcp==2.0.0a2 # or uv add " mcp==2.0.0a2 " See …
tools
At least 15 malicious plugins found on the JetBrains Marketplace were designed to steal AI API keys from developers. [...]
newsDeprecations Two API surfaces now emit DeprecationWarning ahead of their removal in v2. Nothing is removed in 1.x, and the warnings fire only when the …
toolsUK government partners with Google DeepMind to build a new AI-powered prototype aimed at faster housing decisions.
vendorWhat's changed Fixed mid-stream connection drops: partial responses are now preserved instead of showing a raw error, and the spinner no longer gets stuck at …
tools
A flaw in the Google Cloud Vertex AI SDK for Python let an attacker with no access to a victim's project hijack the victim's machine learning model upload and …
newsSecuring internal systems with an AI Control Roadmap, combining traditional safeguards and real-time monitoring.
vendorRelease 2026.6.16
toolsThe Fable 5 Export Controls Harm US Cyber Defense I quoted The Atlantic quoting Kate Moussouris earlier, when I should have gone straight to the source. Here …
researchKatie Moussouris, a cybersecurity expert and the CEO of Luta Security, told me that Anthropic shared with her a copy of the White House’s report on the Fable …
research
OpenAI introduces Deployment Simulation, a method to predict AI model behavior before deployment using real conversation data to improve safety and evaluation …
vendor
The U.S. Department of Justice announced Friday that it has seized the CFAKE.com and SOCFAKE.com websites, which allegedly hosted nonconsensual AI-generated …
newsWhat's changed Added Tool(param:value) syntax for permission rules to match a tool's input parameters (with * wildcard), e.g. Agent(model:opus) to block Opus …
tools
The critical, three-stage attack is now patched, but it's part of a new group of AI prompt-injection issues that use hidden URLs and other variables.
newsStable release of the Continue VS Code extension (final release): removes the CLI-install banner and Generate Rule feature, switches onboarding and the …
toolsStable release of the Continue VS Code extension (final release): removes the CLI-install banner and Generate Rule feature, switches onboarding and the …
tools
A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian …
newsPre-release of the Continue VS Code extension (final-release cleanup).
tools
A single click on a trusted Microsoft link could have let an attacker pull emails, calendar details, and indexed files out of Microsoft 365 Copilot Enterprise …
news
AI-native operating systems are shifting the responsibility to stay vigilant against social engineering cyberattacks from the user onto the system itself.
news"They screwed us": Personality clashes sent Anthropic's models offline Lots of "source familiar with the administration's thinking" and "source close to …
research
Employees are increasingly building automations, agents, and apps with AI tools outside traditional security oversight. Tines explores how CISOs are handling …
news
Stuff broke again. Not in a movie way. An old tool was left exposed. An abandoned package was abused. A deprecated feature was still running in prod. This week …
news
A critical vulnerability chain dubbed SearchLeak in Microsoft 365 Copilot Enterprise could allow attackers to steal sensitive data from a target's mailbox, …
news
Anthropic abruptly suspended all access to Fable 5 and Mythos 5 after receiving an export control directive that banned foreign nationals from using the …
newsWhy AI hasn’t replaced software engineers, and won’t Arvind Narayanan and Sayash Kappor take on the question of AI job losses through the lens of a profession …
research
OpenAI launches the Partner Network, investing $150M to help global partners accelerate enterprise AI adoption, deployment, and transformation.
vendor
In a coordinated effort, the FBI, working with Google and Black Lotus Labs, has dismantled a massive Chinese phishing-as-a-service operation called Outsider …
news