U of T researchers demonstrate AI worm could target any online device
Researchers at the University of Toronto have identified a new class of cyberthreat in the form of an AI worm that can target any online device. This AI worm can be created using free AI models, and current cybersecurity defenses are not adequately prepared to combat it.
utoronto.ca
8 min
23h ago
Microsoft Copilot Cowork Exfiltrates Files
Microsoft Copilot Cowork is susceptible to file exfiltration attacks through indirect prompt injection due to insecure automatic action approvals for sending emails and Teams messages. This vulnerability has shown a high success rate against advanced models, including Claude Opus 4.7.
promptarmor.com
5 min
5/25/2026
Google says criminal hackers used AI to find a major software flaw
Criminal hackers utilized artificial intelligence to identify a previously unknown software flaw, marking the first instance of AI being used in this manner. Google reported that this attempted cyberattack indicates potential future threats in cybersecurity.
nytimes.com
1 min
5/11/2026
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Wiz Research identified a critical vulnerability (CVE-2026-3854) in GitHub's internal git infrastructure that allows authenticated users to execute arbitrary commands on backend servers with a single git push command. This vulnerability is notable as one of the first critical flaws found in closed-source binaries using AI.
wiz.io
7 min
4/28/2026
AISLE Discovers 38 CVEs in OpenEMR Healthcare Software
AISLE has identified 38 critical vulnerabilities (CVEs) in healthcare software utilized by 100,000 medical providers. The rapid digitization of healthcare is outpacing the implementation of adequate security measures.
aisle.com
9 min
4/28/2026
Cal.com is going closed source
Cal.com is transitioning from open source to closed source to enhance customer data protection in response to AI-driven security threats. The Cal.diy platform will remain available as an open-source option for hobbyists.
cal.com
3 min
4/15/2026
Hacking Moltbook
Moltbook, a viral social network for AI agents, has a misconfigured Supabase database that exposes full read and write access to its data. This security flaw has led to the leak of 1.5 million API keys.
wiz.io
9 min
2/2/2026
175K+ publicly-exposed Ollama AI instances discovered
Over 175,000 misconfigured Ollama AI servers are publicly exposed without authentication, making them vulnerable to LLMjacking attacks. Attackers exploit these instances to generate spam and malware content, with the issue stemming from user misconfiguration that can be fixed by binding servers to localhost only.
techradar.com
3 min
1/31/2026
U of T researchers demonstrate AI worm could target any online device
Researchers at the University of Toronto have identified a new class of cyberthreat in the form of an AI worm that can target any online device. This AI worm can be created using free AI models, and current cybersecurity defenses are not adequately prepared to combat it.
utoronto.ca
8 min
23h ago
Google says criminal hackers used AI to find a major software flaw
Criminal hackers utilized artificial intelligence to identify a previously unknown software flaw, marking the first instance of AI being used in this manner. Google reported that this attempted cyberattack indicates potential future threats in cybersecurity.
nytimes.com
1 min
5/11/2026
AISLE Discovers 38 CVEs in OpenEMR Healthcare Software
AISLE has identified 38 critical vulnerabilities (CVEs) in healthcare software utilized by 100,000 medical providers. The rapid digitization of healthcare is outpacing the implementation of adequate security measures.
aisle.com
9 min
4/28/2026
Hacking Moltbook
Moltbook, a viral social network for AI agents, has a misconfigured Supabase database that exposes full read and write access to its data. This security flaw has led to the leak of 1.5 million API keys.
wiz.io
9 min
2/2/2026
Microsoft Copilot Cowork Exfiltrates Files
Microsoft Copilot Cowork is susceptible to file exfiltration attacks through indirect prompt injection due to insecure automatic action approvals for sending emails and Teams messages. This vulnerability has shown a high success rate against advanced models, including Claude Opus 4.7.
promptarmor.com
5 min
5/25/2026
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Wiz Research identified a critical vulnerability (CVE-2026-3854) in GitHub's internal git infrastructure that allows authenticated users to execute arbitrary commands on backend servers with a single git push command. This vulnerability is notable as one of the first critical flaws found in closed-source binaries using AI.
wiz.io
7 min
4/28/2026
Cal.com is going closed source
Cal.com is transitioning from open source to closed source to enhance customer data protection in response to AI-driven security threats. The Cal.diy platform will remain available as an open-source option for hobbyists.
cal.com
3 min
4/15/2026
175K+ publicly-exposed Ollama AI instances discovered
Over 175,000 misconfigured Ollama AI servers are publicly exposed without authentication, making them vulnerable to LLMjacking attacks. Attackers exploit these instances to generate spam and malware content, with the issue stemming from user misconfiguration that can be fixed by binding servers to localhost only.
techradar.com
3 min
1/31/2026
U of T researchers demonstrate AI worm could target any online device
Researchers at the University of Toronto have identified a new class of cyberthreat in the form of an AI worm that can target any online device. This AI worm can be created using free AI models, and current cybersecurity defenses are not adequately prepared to combat it.
utoronto.ca
8 min
23h ago
GitHub RCE Vulnerability: CVE-2026-3854 Breakdown
Wiz Research identified a critical vulnerability (CVE-2026-3854) in GitHub's internal git infrastructure that allows authenticated users to execute arbitrary commands on backend servers with a single git push command. This vulnerability is notable as one of the first critical flaws found in closed-source binaries using AI.
wiz.io
7 min
4/28/2026
Hacking Moltbook
Moltbook, a viral social network for AI agents, has a misconfigured Supabase database that exposes full read and write access to its data. This security flaw has led to the leak of 1.5 million API keys.
wiz.io
9 min
2/2/2026
Microsoft Copilot Cowork Exfiltrates Files
Microsoft Copilot Cowork is susceptible to file exfiltration attacks through indirect prompt injection due to insecure automatic action approvals for sending emails and Teams messages. This vulnerability has shown a high success rate against advanced models, including Claude Opus 4.7.
promptarmor.com
5 min
5/25/2026
AISLE Discovers 38 CVEs in OpenEMR Healthcare Software
AISLE has identified 38 critical vulnerabilities (CVEs) in healthcare software utilized by 100,000 medical providers. The rapid digitization of healthcare is outpacing the implementation of adequate security measures.
aisle.com
9 min
4/28/2026
175K+ publicly-exposed Ollama AI instances discovered
Over 175,000 misconfigured Ollama AI servers are publicly exposed without authentication, making them vulnerable to LLMjacking attacks. Attackers exploit these instances to generate spam and malware content, with the issue stemming from user misconfiguration that can be fixed by binding servers to localhost only.
techradar.com
3 min
1/31/2026
Google says criminal hackers used AI to find a major software flaw
Criminal hackers utilized artificial intelligence to identify a previously unknown software flaw, marking the first instance of AI being used in this manner. Google reported that this attempted cyberattack indicates potential future threats in cybersecurity.
nytimes.com
1 min
5/11/2026
Cal.com is going closed source
Cal.com is transitioning from open source to closed source to enhance customer data protection in response to AI-driven security threats. The Cal.diy platform will remain available as an open-source option for hobbyists.
cal.com
3 min
4/15/2026
No more articles to load