Dark Reading

Amazon Q VS Extension Flaw Leads to Cloud Credential Theft

Adversaries could plant a malicious repository that executes arbitrary code and steals cloud credentials, showcasing MCP risk ...

Prompt injection is exploiting enterprise AI's biggest design flaws by targeting agents, RAG pipelines and model routers

Prompt injection remains the most effective way to compromise enterprise AI systems because it exploits the fundamental way ...

Azul Addresses the Java Runtime Security Blind Spot Autonomous AI Can Now Exploit

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today launched a free JVM vulnerability ...
Infosecurity Magazine

OpenAI Reveals GPT-5.6 Sol Cybersecurity Model, Restricts Early Access

OpenAI has previewed GPT-5.6 Sol, a new flagship model it describes as its "most capable model yet for cybersecurity." Access ...
Memeburn

China's AI Now Matches Anthropic Mythos in Cybersecurity

Two Chinese AI tools now match Anthropic's Mythos in cybersecurity vulnerability detection. Both are freely available, ...
Tech Times

OpenAI Silently Rolled GPT-5.6 to Some Codex Users: A Hidden Prompt Exposes the Swap

GPT-5.6 was already running in Codex for some users before OpenAI’s government-approved preview opened to partners. A ...

Clean GitHub repo tricks AI coding agents into running malware

An agentic coding tool tasked with cloning and setting up a seemingly benign GitHub repository could execute a malicious ...

Xiaomi's HarnessX rewrites its own AI scaffolding mid-task — and smaller models gain the most

Xiaomi's HarnessX autonomously rewrites AI agent harnesses mid-execution, delivering +14.5% avg performance gains — and +44% ...
Windows Report

Mozilla Warns Clean GitHub Repositories Can Trick Claude Code Into Running Malware

Mozilla researchers revealed a new attack that tricks Claude Code into running hidden commands from seemingly harmless GitHub repositories.
Infosecurity Magazine

Telegram-Based Millenium RAT Campaign Infects 60,000 Devices

A cheap, Telegram-controlled remote access trojan (RAT) dubbed Millenium RAT has infected over 60,000 Windows devices across ...

OpenAI launches GPT-5.6 Sol with new reasoning mode, enhanced safety features, and two additional AI models

OpenAI has unveiled GPT-5.6 Sol alongside Terra and Luna, introducing advanced reasoning, stronger cybersecurity safeguards, ...

AI may be good at finding security vulnerabilities, but it can't beat human stupidity

KETTLE AI commands all the headlines nowadays, but the biggest security story of the week is all about human laziness and poor password habits – just like the good old days. That said, AI is playing a ...