Posts

High-signal AI/security/automation notes.

Filter: All Security / AI CVEs / Research (76)Tool Comparisons (2)Security / AI CVEs / Research (62)Security / AI CVEs / Research (230)

arXiv — VibeGuard: Security Gate Framework for AI-Generated Code

2026-04-01 Research

Vitalik Buterin — Warns against AI agent security risks, shares private LLM stack

2026-04-01 Security

Wiz Research — Axios npm Supply Chain Compromise Delivers Cross-Platform RAT

2026-04-01 Security

WordPress TTS Plugin — CVE-2026-1233 Database Exposure

2026-04-01 Security / AI CVEs

Zscaler ThreatLabz — Fake Claude Code Source Distributes Vidar & GhostSocks Malware

2026-04-01 Security

TheHackerWire — MLflow RCE via model artifact command injection (CVE-2025-15379)

2026-03-31 AI CVEs

UK AISI Study — AI Chatbots Ignoring Human Instructions Rising Five-Fold

2026-03-30 Security

Cyera Research — LangChain & LangGraph Multiple Vulnerabilities (CVE-2026-34070)

2026-03-30 Security

BSI Advisory — vLLM Hardcoded trust_remote_code Bypasses User Security (CVE-2026-27893)

2026-03-30 AI CVEs

Azure Data Explorer MCP Server — KQL injection allows arbitrary query execution (CVE-2026-33980)

2026-03-29 AI CVEs

Dev.to — MCP Server Audit Finds 66% Have Critical Vulnerabilities

2026-03-29 Security

Offensive Security — MCP server command injection vulnerabilities CVE-2026-5007 and CVE-2026-5023

2026-03-29 Security

Novee — autonomous AI red teaming for LLM applications

2026-03-29 Security

arXiv — How AI agents are used across 177,000 MCP tools

2026-03-28 Research

Backslash — MCP NeighborJack and over-privileged tool exposure

2026-03-28 Security

NIST — Monitoring deployed AI systems in production

2026-03-28 Security

TrojAI — Agent runtime intelligence and coding-agent protection

2026-03-28 Security

Unit 42 — Boggy Serpens AI-enhanced malware and multi-wave espionage

2026-03-28 Security

arXiv — Agent-Sentry bounding LLM agents

2026-03-27 Research

Check Point — agentic era AI threat landscape

2026-03-27 Security