Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest 2026-04-16 at 15:03 By Eduard Kovacs Researchers found more than 80 high-impact cloud and AI vulnerabilities during the event, which had a $5 million prize pool. The post Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest appeared first on […]
Microsoft Paid Out $2.3 Million at Zero Day Quest 2026 Hacking Contest Read More »
Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments 2026-04-16 at 12:11 By Eduard Kovacs A researcher has disclosed the details of the AI attack method he has named ‘Comment and Control’. The post Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments appeared first on SecurityWeek.
Capsule Security Emerges From Stealth With $7 Million in Funding 2026-04-15 at 17:15 By Ionut Arghire The Israeli startup aims to secure AI agents at runtime, continuously monitoring their behavior to prevent unsafe actions. The post Capsule Security Emerges From Stealth With $7 Million in Funding appeared first on SecurityWeek. This article is an excerpt
Capsule Security Emerges From Stealth With $7 Million in Funding Read More »
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks 2026-04-15 at 16:34 By Kevin Townsend Researchers warn that a flaw in Anthropic’s Model Context Protocol allows unsanitized commands to execute silently, enabling full system compromise across widely used AI environments. The post ‘By Design’ Flaw in MCP Could Enable Widespread AI Supply
‘By Design’ Flaw in MCP Could Enable Widespread AI Supply Chain Attacks Read More »
Testing reveals Claude Mythos’s offensive capabilities and limits 2026-04-14 at 18:15 By Zeljka Zorz Could Claude Mythos Preview, Anthropic’s latest large language model, be leveraged for fully automated cyber attacks? The UK government’s AI Security Institute (AISI) tested its capability to successfully engage in capture-the-flag (CTF) challenges and multi-step attack scenarios, and found that that
Testing reveals Claude Mythos’s offensive capabilities and limits Read More »
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats 2026-04-14 at 16:21 By Kevin Townsend CISOs face a shrinking window to prepare as AI models like Mythos collapse the gap between vulnerability discovery and exploitation, driving a new era of high-velocity cyberattacks. The post ‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated
‘Mythos-Ready’ Security: CSA Urges CISOs to Prepare for Accelerated AI Threats Read More »
Fake Claude Website Distributes PlugX RAT 2026-04-13 at 13:22 By Ionut Arghire The malware mimics the legitimate Anthropic installation, relies on DLL sideloading, and cleans up after itself. The post Fake Claude Website Distributes PlugX RAT appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Fake Claude Website Distributes PlugX RAT Read More »
Can we Trust AI? No – But Eventually We Must 2026-04-09 at 17:32 By Kevin Townsend From hallucinations and bias to model collapse and adversarial abuse, today’s AI is built on probability rather than truth, yet enterprises are deploying it at speed without fully understanding the risks. The post Can we Trust AI? No –
Can we Trust AI? No – But Eventually We Must Read More »
Apple Intelligence AI Guardrails Bypassed in New Attack 2026-04-09 at 17:32 By Eduard Kovacs RSAC researchers hacked Apple Intelligence using the Neural Exect method and Unicode manipulation. The post Apple Intelligence AI Guardrails Bypassed in New Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Apple Intelligence AI Guardrails Bypassed in New Attack Read More »
Claude helps researcher dig up decade-old Apache ActiveMQ RCE vulnerability (CVE-2026-34197) 2026-04-09 at 16:17 By Zeljka Zorz In the latest demonstration of how AI assistants can help with bug hunting, Horizon3.ai researcher Naveen Sunkavally used Claude to unearth CVE-2026-34197, a remote code execution vulnerability in Apache ActiveMQ that’s been introduced in the codebase 13 years
Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks 2026-04-07 at 21:53 By Kevin Townsend New AI model drives Project Glasswing, a effort to secure critical software before advanced capabilities fall into the wrong hands. The post Anthropic Unveils ‘Claude Mythos’ – A Cybersecurity Breakthrough That Could Also Supercharge Attacks appeared first on
GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data 2026-04-07 at 20:31 By Ionut Arghire By targeting Grafana’s AI components, attackers can point to external resources and inject indirect prompts to bypass safeguards. The post GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
GrafanaGhost: Attackers Can Abuse Grafana to Leak Enterprise Data Read More »
The New Rules of Engagement: Matching Agentic Attack Speed 2026-04-07 at 19:40 By Nadir Izrael The cybersecurity response to AI-enabled nation-state threats cannot be incremental. It must be architectural. The post The New Rules of Engagement: Matching Agentic Attack Speed appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
The New Rules of Engagement: Matching Agentic Attack Speed Read More »
Trent AI Emerges From Stealth With $13 Million in Funding 2026-04-07 at 19:34 By Ionut Arghire The startup has created a layered security solution aiming to secure AI agents throughout their entire lifecycle. The post Trent AI Emerges From Stealth With $13 Million in Funding appeared first on SecurityWeek. This article is an excerpt from
Trent AI Emerges From Stealth With $13 Million in Funding Read More »
Critical Flowise Vulnerability in Attacker Crosshairs 2026-04-07 at 18:34 By Ionut Arghire The improper validation of user-supplied JavaScript code allows attackers to execute arbitrary code and access the file system. The post Critical Flowise Vulnerability in Attacker Crosshairs appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Critical Flowise Vulnerability in Attacker Crosshairs Read More »
Google DeepMind Researchers Map Web Attacks Against AI Agents 2026-04-06 at 19:38 By Ionut Arghire Malicious web content can be used to manipulate, deceive, and exploit autonomous AI agents navigating the internet, Google DeepMind researchers show. The researchers have identified six types of attacks against AI agents that can be mounted via web content to
Google DeepMind Researchers Map Web Attacks Against AI Agents Read More »
Critical Vulnerability in Claude Code Emerges Days After Source Leak 2026-04-02 at 21:45 By Kevin Townsend Within days of each other, Anthropic first leaked the source code to Claude Code, and then a critical vulnerability was found by Adversa AI. The post Critical Vulnerability in Claude Code Emerges Days After Source Leak appeared first on
Critical Vulnerability in Claude Code Emerges Days After Source Leak Read More »
Mercor Hit by LiteLLM Supply Chain Attack 2026-04-02 at 13:45 By Ionut Arghire The AI recruiting firm is investigating the incident as Lapsus$ claimed the theft of 4TB of Mercor data. The post Mercor Hit by LiteLLM Supply Chain Attack appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Mercor Hit by LiteLLM Supply Chain Attack Read More »
Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents 2026-04-02 at 11:09 By SecurityWeek News Variance has raised a total of $26 million in funding and the latest investment will fuel platform growth. The post Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents appeared first on SecurityWeek. This article is
Variance Raises $21.5M for Compliance Investigation Platform Powered by AI Agents Read More »
Depthfirst Raises $80 Million in Series B Funding 2026-04-01 at 20:32 By Ionut Arghire The startup will expand its AI research team, train additional security models, and scale enterprise adoption. The post Depthfirst Raises $80 Million in Series B Funding appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
Depthfirst Raises $80 Million in Series B Funding Read More »