Posts

High-signal AI/security/automation notes.

Filter: All AI CVEs (44)Tool Comparisons (2)Research (38)Security (107)

GitHub Advisory — vLLM trust_remote_code bypass RCE

2026-02-17 AI CVEs

AgentAudit — MCP server security findings across 194 packages

2026-02-16 Security

arXiv — MUZZLE red-teaming web agents against indirect prompt injection

2026-02-16 Research

arXiv — Threat modeling for emerging AI-agent protocols

2026-02-16 Research

GitHub Advisory — vLLM Completions API RCE (CVE-2025-62164)

2026-02-16 AI CVEs

NVD — Cloudflare Agents SDK OAuth callback XSS (CVE-2026-1721)

2026-02-15 AI CVEs

Microsoft Security Blog — AI recommendation poisoning

2026-02-13 Security

arXiv — The Landscape of Prompt Injection Threats in LLM Agents

2026-02-12 Research

Microsoft Security Blog — One-prompt attack breaks LLM safety alignment

2026-02-11 Research

Praetorian — Augustus open-source LLM prompt-injection scanner

2026-02-11 Security

Ars Technica — Moltbook prompt worms and viral prompt injection

2026-02-10 Security

Endor Labs — MCP needs AppSec as classic vulns hit agent tooling

2026-02-10 Security

Levo — Launch Week 2026 adds AI firewall + MCP security testing

2026-02-10 Security

Trend Micro — OpenClaw’s Agentic Assistant Risk Map

2026-02-10 Security

arXiv — CVE-Factory: Scaling Expert-Level Agentic Tasks for Code Security Vulnerability

2026-02-09 Research

Operant AI — Agent Protector for runtime agent security

2026-02-09 Security

Radware — Agentic AI Protection Solution launch

2026-02-09 Security

GitHub Advisory — godot-mcp command injection RCE (CVE-2026-25546)

2026-02-08 AI CVEs

arXiv — Bypassing AI control protocols via Agent-as-a-Proxy attacks

2026-02-07 Research

arXiv — Learning to Inject: automated prompt injection via reinforcement learning

2026-02-07 Research