GitGuardian — Three Supply Chain Campaigns Hit npm, PyPI, and Docker Hub in 48 Hours 2026-04-26 Security / AI CVEs / Research
360 Digital Security — AI Agents Find ~1,000 Vulnerabilities, Echoing Claude Mythos 2026-04-25 Security / AI CVEs / Research
arXiv — GAAP: An AI Agent Execution Environment to Safeguard User Data 2026-04-25 Security / AI CVEs / Research
arXiv — Morality Attacks Jailbreak Both LLMs and Guardrail Models 2026-04-25 Security / AI CVEs / Research
IBM X-Force — OpenClaw as a Case Study in Agentic AI Vulnerability 2026-04-25 Security / AI CVEs / Research
LangChain HTMLHeaderTextSplitter SSRF Redirect Bypass (CVE-2026-41481) 2026-04-25 Security / AI CVEs / Research
Palo Alto Unit 42 — Autonomous AI Multi-Agent System Attacks Cloud Infrastructure 2026-04-25 Security / AI CVEs / Research
Zero Day Initiative — AI-Driven Bug Submission Surge Forces Major Programs to Pause 2026-04-25 Security / AI CVEs / Research
CSA Research — ZionSiphon AI-Assisted ICS Malware Targeting Water Infrastructure 2026-04-25 Security / AI CVEs / Research
Adversa AI — IICL Bypasses GPT-5.4 Safety While GPT-5 Remains Immune 2026-04-24 Security / AI CVEs / Research
CanisterSprawl — Self-Propagating npm Worm Installs LLM Proxy Backdoor 2026-04-24 Security / AI CVEs / Research
Flowise — CSV Agent Prompt Injection RCE and Cluster of New CVEs (CVE-2026-41264) 2026-04-24 Security / AI CVEs / Research
LangWatch Scenario — Open-Source Multi-Turn Red-Teaming Framework for AI Agents 2026-04-24 Security / AI CVEs / Research
OpenClaw — Six CVEs Cover Agentic Consent Bypass, RCE, SSRF, and Authorization Gaps 2026-04-24 Security / AI CVEs / Research
Paperclip AI — Unauthenticated RCE via Four-Flaw Authorization Chain (CVE-2026-41679) 2026-04-24 Security / AI CVEs / Research
TeamPCP — Checkmarx KICS Docker and Bitwarden CLI Compromised in Escalating Supply Chain Campaign 2026-04-24 Security / AI CVEs / Research
Vercel Breach via Context.ai — Third-Party AI Tool OAuth Cascade 2026-04-24 Security / AI CVEs / Research
Anthropic Officially Launches Project Glasswing — $100M Commitment, 12 Partners, Thousands of Zero-Days Found 2026-04-23 Security / AI CVEs / Research
“Comment and Control” — Prompt Injection Hijacks Claude Code, Gemini CLI & Copilot via GitHub 2026-04-23 Security / AI CVEs / Research