AI & LLM
AI and LLM covers generative models, agents, prompt injection, data security and new artificial intelligence tools. The collection connects capabilities, limitations, operational risks and their impact on technical work.

Beyond IOCs: Talos Unveils Vision for LLMs in Threat Intelligence
Cisco Talos explores how large language models transcend traditional indicators of compromise by indexing strategic reports in natural…

ThreatsDay June 2026: Miasma Toolkit Leaked, Claude Code Patched, AI Agent Phishing
The June 2026 ThreatsDay Bulletin, published June 11 by Rescana, is an aggregated cyber threat digest. This analysis relies primarily…

Gaslight: macOS Malware Tricks AI Analyzers with Prompt Injection
SentinelOne researchers have documented Gaslight, a previously unknown Rust-based macOS implant that embeds a prompt-injection payload…

Europe Overtakes US: 684 Ransomware Attacks in Four Months
Europe has become the fastest-growing ransomware region in 2026, logging 684 publicly known attacks in the first four months — a 55% y…

FlowiseAI CSV Agent RCE: Arbitrary Python Code Execution with Authentication Bypass
ZDI-26-365 discloses a remote code execution vulnerability in FlowiseAI's CSV Agent: Python code injection via customReadCSV with auth…

Railway Cybersecurity: The IT/OT Boundary Has Collapsed
Rail systems are abandoning isolated SCADA for IP networks and AI. DNV's Jorge Aldegunde explains why security is now an active interf…

Mythos AI Finds Vulnerabilities in Classified U.S. Systems in Hours
Anthropic's Mythos model identified vulnerabilities in classified U.S. government systems during a Project Glasswing test, completing…

OpenAI Shifts the Remediation Paradox: From Finding Bugs to Patching Them
OpenAI releases GPT-5.5-Cyber and the Patch the Planet initiative. AI has solved vulnerability discovery, creating a larger problem: t…

DifyTap: Four CVEs Expose Broken Cross-Tenant Isolation in Dify
Zafran Security disclosed DifyTap, four vulnerabilities in Dify that allowed cross-tenant reading of conversations and files. Three we…

iOS AI Apps: 282 Exposed, Only 28% Fixed
Wake Forest study finds 282 of 444 analyzed iOS LLM apps leak API credentials. After 90 days of responsible disclosure, just 28% remed…

AutoJack: A Single Web Page Hijacks AI Agents to Execute Code on the Host
Microsoft Security has disclosed AutoJack, a three-vulnerability chain in AutoGen Studio that turns browsing-capable AI agents into ve…

Agentic AI Replaces Assistive AI in Threat Management
Agentic AI is turning Gartner's CTEM framework from a strategic document into a continuous operational cycle. The shift, documented Ju…