Posts

High-signal AI/security/automation notes.

Filter: All AI CVEs (44)Tool Comparisons (2)Research (38)Security (107)

AuthMind — OpenClaw’s 230 malicious skills expose agentic supply-chain risk

2026-02-07 Security

Infosecurity Magazine — ZombieAgent zero-click prompt injection in ChatGPT connectors

2026-02-07 Security

Darktrace — 2026 State of AI Cybersecurity Report: 76% of Security Pros Worried About AI Agent Risk

2026-02-06 Security

n8n — CVE-2026-25049: New Sandbox Escape Bypass Enables Full Server Takeover

2026-02-06 AI CVEs

Noma Security — DockerDash: Prompt Injection in Docker Ask Gordon AI Enables RCE via Image Metadata

2026-02-06 Security

arXiv — ChatInject: abusing chat templates for prompt injection in LLM agents

2026-02-05 Research

arXiv — Systematic Review of LLM Defenses Against Prompt Injection: Expanding NIST Taxonomy

2026-02-05 Research

ThreatDown — 2026 State of Malware: AI Drives Machine-Scale Cyberattacks

2026-02-05 Security

Zafran — ChainLeak: Chainlit AI Framework Bugs Enable Cloud Takeover

2026-02-05 AI CVEs

Vectra AI — From Clawdbot to OpenClaw: Automation as a Backdoor

2026-02-04 Security

GitHub Advisory — vLLM RCE in Video Processing (CVE-2026-22778)

2026-02-04 AI CVEs

Bengio et al. — 2026 International AI Safety Report: AI-powered cyberattacks and safety-testing evasion

2026-02-03 Research

ZDI — Unpatched RCE in Gemini MCP Tool via command injection (CVE-2026-0755)

2026-02-03 AI CVEs

NVIDIA AI Red Team — Mandatory sandbox controls for agentic coding workflows

2026-02-03 Security

UCSC / The Register — CHAI: physical prompt injection hijacks self-driving cars and drones via road signs

2026-02-03 Research

OX Security — Critical vLLM RCE via malicious video URL (CVE-2026-22778)

2026-02-03 AI CVEs

arXiv — AgentDoG: a diagnostic guardrail framework for AI agent safety and security

2026-02-02 Research

arXiv — The Promptware Kill Chain: reframing prompt injection as multi-step malware

2026-02-02 Research

arXiv — SENTINEL: securing AI agents in cyber-physical systems against deepfake and MCP-mediated attacks

2026-02-02 Research

Clutch Security — 95% of enterprise MCP servers run on endpoints with zero security visibility

2026-02-02 Security