LayerX Security demonstrated a technique that conditions AI browsers to accept false context, then exploits that state to extract credentials. Six mainstream AI browsers failed the test.
The latest AI security developments, threats, and industry updates.
LayerX Security demonstrated a technique that conditions AI browsers to accept false context, then exploits that state to extract credentials. Six mainstream AI browsers failed the test.
Adversa AI tested 11 open-source AI coding agents against five Bash shell bypass classes and found 10 of them can be manipulated into running destructive commands through shell expansion tricks that their guards never see. Only Continue passed every case.
CVE-2026-12957 lets a malicious repository silently execute arbitrary commands the moment a developer opens it in Amazon Q Developer, exfiltrating AWS credentials with no user interaction required.
Zenity Labs has documented attackers exploiting unpatched LiteLLM vulnerabilities and unauthenticated Ollama endpoints to run autonomous pentesting campaigns, steal compute, and exfiltrate data from victim organisations.
A Censys scan found 12,520 publicly exposed MCP services — 40% with no authentication at all. Combined with 106 zero-days found in an automated academic scan and a CVSS 10.0 flaw in a popular MCP server, the AI agent infrastructure layer is becoming one of 2026's most under-patched attack surfaces.