OX Security — Full MCP STDIO Command Injection Advisory: CVEs Across LangFlow, LiteLLM, GPT Researcher, Agent Zero 2026-04-19 Security / AI CVEs / Research
Wiz — AI-Generated Supply Chain Campaign Targets GitHub Actions via pull_request_target 2026-04-19 Security / AI CVEs / Research
Xcitium ThreatLabs — Malicious LLM routers steal credentials and drain crypto wallets 2026-04-19 Security / AI CVEs / Research
GreyNoise — 91,403 Attack Sessions Target Exposed LLM Infrastructure 2026-04-18 Security / AI CVEs / Research
Hadrian — 70 AI Offensive Security Tools Cataloged as Pen Testing Economics Collapse 2026-04-18 Security / AI CVEs / Research
XCIT Threat Labs — Malicious LLM Routers Inject Payloads and Steal Credentials 2026-04-18 Security / AI CVEs / Research
Cisco AI Defense — Open-Source Agent Security Toolkit Launch 2026-04-18 Security / AI CVEs / Research
Gambit Security — Single Hacker Used Claude Code and ChatGPT to Breach Nine Mexican Government Agencies 2026-04-18 Security / AI CVEs / Research
Cisco Talos — n8n AI Workflow Platform Abused for Malware Delivery and Device Fingerprinting 2026-04-17 Security
Google Cloud Threat Intelligence — Defending Enterprises Against AI-Powered Exploitation 2026-04-17 Security
Apple Intelligence — Prompt injection bypasses on-device AI guardrails (RSAC 2026) 2026-04-16 Security
Flowise — CVSS 10.0 CustomMCP RCE enables full server compromise (CVE-2025-59528) 2026-04-16 Security / AI CVEs
Microsoft — AI-enabled device code phishing campaign bypasses MFA at scale (April 2026) 2026-04-16 Security
Capsule Security — ShareLeak and PipeLeak prompt injection in Copilot Studio and Agentforce 2026-04-16 Security