CERT is releasing six CVEs for serious security vulnerabilities in dnsmasq, affecting nearly all non-ancient versions. Vendors have been pre-notified, and patches are expected to be released promptly.
lists.thekelleys.org.uk
2 min
1d ago
Mythos, an AI model developed by Anthropic, has demonstrated exceptional ability in identifying security vulnerabilities in source code. Due to its effectiveness, Anthropic has opted to limit access to Mythos, providing it only to selected companies for initial testing and remediation of critical issues.
daniel.haxx.se
10 min
3d ago
CVE-2026-31431 is a local privilege escalation vulnerability in Linux, introduced in version 4.14. The issue was linked to commit 72548b093ee38a6d4f2a19e6ef1948ae05c181f7 and has been fixed in subsequent releases.
openwall.com
2 min
4/30/2026
A vulnerability in Ramp's Sheets AI allowed for the insertion of formulas that could make external network requests without user approval, posing a risk of data exfiltration through indirect prompt injection. Ramp's security team resolved the issue on March 16, 2026, after it was responsibly disclosed.
promptarmor.com
3 min
4/29/2026
CVE-2026-4747 affects FreeBSD versions 13.5, 14.3, 14.4, and 15.0, specifically when the NFS server is in use with kgssapi.ko loaded. The vulnerability arises in the svc_rpc_gss_validate() function, which improperly reconstructs an RPC header into a 128-byte stack buffer for GSS-API signature verification.
github.com
14 min
4/1/2026
"Disregard that!" attacks exploit the sharing of context windows in communication, leading to potential security vulnerabilities. These attacks highlight the risks associated with allowing multiple users access to the same AI interaction context.
calpaterson.com
10 min
3/25/2026
OpenClaw, powered by Opus, is generating renewed discussions about autonomous AI agents, similar to the conversations sparked by AutoGPT and BabyAGI in 2023. Current models show significant improvements, but concerns about security vulnerabilities persist.
composio.dev
21 min
3/22/2026