Posts

High-signal AI/security/automation notes.

Filter: All AI CVEs (44)Tool Comparisons (2)Research (38)Security (107)

arXiv — LLM-agent threat model and attack taxonomy survey

2026-02-26 Research

Check Point Research — Claude Code hooks/MCP RCE

2026-02-26 Security

CrowdStrike — 2026 Global Threat Report: AI-accelerated adversaries

2026-02-26 Security

Trail of Bits — Comet prompt-injection audit

2026-02-26 Security

arXiv — AgentDyn prompt injection benchmark

2026-02-25 Research

Pillar Security — Operation Bizarre Bazaar LLMjacking campaign

2026-02-25 Security

Socket — SANDWORM_MODE npm worm targets AI coding tools

2026-02-25 Security

Veza — Access Agents for AI identity governance

2026-02-25 Security

arXiv — Prompt injection vs LLM rankers

2026-02-24 Research

GitHub Advisory — Cline unauthorized npm publish added postinstall

2026-02-24 Security

GitHub Advisory — Cursor Agent MCP special-files prompt injection (CVE-2025-54135)

2026-02-24 AI CVEs

GitHub Advisory — fermat-mcp eqn_chart code injection (CVE-2026-2008)

2026-02-24 AI CVEs

GitHub Advisory — GitHub Kanban MCP Server command injection (CVE-2025-53818)

2026-02-24 AI CVEs

GitHub Advisory — sf-mcp-server command injection RCE (CVE-2026-26029)

2026-02-24 AI CVEs

Kai Security AI — Honeypot MCP server logs AI agent probing

2026-02-23 Security

Phoenix Security — SANDWORM_MODE npm worm poisons AI toolchains

2026-02-23 Security

Unit 42 — 2026 IR report on AI-accelerated attacks

2026-02-23 Security

Cisco — State of AI Security 2026 report

2026-02-22 Security

GitLab Advisory — ebay-mcp env var injection (CVE-2026-27203)

2026-02-21 AI CVEs

Microsoft — Copilot summarized confidential emails despite DLP labels

2026-02-21 Security