AI & LLM
The AI and LLM collection covers generative models, agents, prompt injection, data security and new artificial intelligence tools, connecting their capabilities, limitations and operational risks to their impact on technical work.

DNS-AID: Linux Foundation Launches Decentralized Discovery for AI Agents
The Linux Foundation has launched DNS-AID, an open-source protocol that leverages existing DNS infrastructure to enable decentralized…

Shadow AI: First 8-K Filing Signals Shift from Internal Policy to Regulatory Mandate
The first SEC 8-K filing for unauthorized AI use marks a turning point for corporate governance. As Shadow AI evolves into 'vibe-coded…

CERT-In Mandates 12-Hour Patching Window to Combat AI-Driven Exploits
India’s national cyber agency, CERT-In, has established a new 12-hour remediation standard for internet-facing and 'crown jewel' syste…

Poisoned AI Chatbots: A New Vector for High-Performance GPU Cryptojacking
Microsoft has identified an active campaign that manipulates AI chatbot recommendations to distribute GPU-based cryptojacking malware…

Critical Flowise RCE: Exploit Code Released for CVSS 9.9 Vulnerability
Obsidian Security has published proof-of-concept exploit code for CVE-2026-40933, a critical RCE vulnerability in Flowise. The flaw le…

Cyber May: AI Attacks Emerge, but Basic Vectors Remain the Primary Threat
In ESET’s May roundup, Tony Anscombe documents critical infrastructure breaches in Poland, Mexico’s first 'AI-directed' attack, and Go…

AI-Directed Attacks and ICS Vulnerabilities: ESET’s Tony Anscombe on DynoWiper and the First AI Zero-Day
In his May 2026 security review, ESET’s Tony Anscombe analyzes a landscape of extremes: from the first AI-generated zero-day and 'AI-d…

ChatGPhish: ChatGPT Summaries Weaponized as Phishing Traps
The ChatGPhish vulnerability exploits ChatGPT's renderer to inject malicious links and QR codes during web page summarization. OpenAI…

LLM Agent Conducts Autonomous Post-Exploitation via Marimo RCE
Sysdig documents the first case of an LLM agent completely replacing a human operator in post-exploitation following a critical RCE on…

Qumulo NeuralProtect: AI-Driven Ransomware Defense at the Point of Write
Qumulo has announced NeuralProtect, an AI-powered security layer designed to potentially intercept ransomware at the storage level, fe…

Palo Alto Networks Sets Patch Record as Frontier AI Reshapes Vulnerability Discovery
Palo Alto Networks has released its May 2026 Patch Wednesday, disclosing 26 CVEs across more than 130 products. For the first time, th…

OpenAI Codex: Reported Sandbox Escape Disclosed (ZDI-26-305)
A reported sandbox escape in OpenAI Codex (ZDI-26-305) could potentially allow code execution via specific JavaScript repositories. Th…