AI & LLM
AI and LLM covers generative models, agents, prompt injection, data security and new artificial intelligence tools. The collection connects capabilities, limitations, operational risks and their impact on technical work.

Apple Compresses Patch Cycle After AI Uncovers Four WebKit Flaws
On June 29, 2026, Apple released iOS 26.5.2, iPadOS 26.5.2, macOS Tahoe 26.5.2, and Safari 26.5.2, addressing over 30 vulnerabilities.…

Avalon: The Malware Framework Merging AI and Multi-Evasion to Strike
The Avalon framework combines credential harvesting, multi-EDR evasion, and the CrownX ransomware into a single attack chain. Blackpoi…

BusySnake Stealer: The APT That Generates Malware With AI
Armored Likho uses LLMs to write first-stage payloads and PyArmor Pro to obfuscate them. Kaspersky's report reveals an infostealer tar…

Cursor Hit by Two Critical CVEs: RCE and Zero-Click via Sandbox Prompt Injection
Two vulnerabilities in Cursor rated CVSS 9.8 allow sandbox escape and remote code execution without user interaction. The fix is avail…

AI-Generated Ransomware Attacks via Browser: No Payload, Just Chrome Permissions
Check Point analyzed a DeepSeek-generated sample that encrypts local files by abusing Chrome's File System Access API. No exploit, no…

Phantom Squatting: When AI Generates Your Next Supply-Chain Threat
Unit 42 documents a novel attack vector: adversaries proactively register domains hallucinated by LLMs to intercept traffic from AI-in…

Agentjacking: Fake Bug Report Hijacks AI Coding Agents, 85% Success Rate
Tenet Security researchers demonstrated on June 12, 2026 that a poisoned Sentry error report can hijack Claude Code, Cursor, and Codex…

BioShocking: How a Game Tricks Agentic AI into Stealing Credentials
LayerX researchers demonstrated BioShocking, a prompt injection attack that manipulates agentic AI browsers into exfiltrating sensitiv…

DarkMoon: Open-Source AI Pentesting at $10 a Scan — and the Hard Limit of Vendor LLM Classifiers
DarkMoon separates LLM reasoning from execution via MCP to bypass Anthropic's safety classifiers. At roughly $10 per web-app scan, the…

OpenClaw: 5 Malicious Skills Evade AI Scanners for Months
Unit 42 reveals evasive skills on ClawHub exploiting semantic instruction hijacking. 80% of 49,943 skills analyzed show behavioral dev…

Claude Code Tricked: Clean Repo Opens Reverse Shell
Mozilla 0DIN demonstrates that Claude Code executes malware from clean GitHub repositories by exploiting its own proactivity: a fabric…

CVE-2026-12957: Cloud Credential Theft via Amazon Q Developer
A high-severity vulnerability (CVSS 8.5) in the Amazon Q Developer extension for VS Code allowed automatic execution of malicious MCP…