Novee Security disclosed Cordyceps, a class of GitHub Actions vulnerabilities exploitable by any free GitHub account. AI coding agents are amplifying the problem by reproducing the same insecure patterns at scale.
CVEs, exploits, and security flaws in AI frameworks, models, and infrastructure.
Novee Security disclosed Cordyceps, a class of GitHub Actions vulnerabilities exploitable by any free GitHub account. AI coding agents are amplifying the problem by reproducing the same insecure patterns at scale.
Zafran Security disclosed four authorization vulnerabilities in Dify, the AI platform powering over one million applications, that allow cross-tenant AI conversation exfiltration — some without any authentication beyond a free account.
Johann Rehberger's DEF CON Singapore research demonstrates how indirect prompt injection chains into Microsoft Copilot's memory feature to plant a persistent backdoor — one that survives across every future session, not just the compromised one.
CVE-2026-47729 (Squidbleed) is a heap buffer overread in Squid Proxy's FTP parser, present since 1997, discovered by Anthropic's Claude Mythos Preview: it leaks users' HTTP credentials and session tokens in corporate and shared proxy environments.
Tenet Security's Threat Labs published research on June 17 demonstrating how a single fake Sentry error event can hijack AI coding agents like Claude Code and Cursor into executing arbitrary code on developer machines — no phishing, no infrastructure access, 85% success rate across 100+ tested organisations.