Filter

×
Active Filters Clear All
Keyword: CVE ×
28 Total Reports
2/2 Page
Anthropic Security Update High Signal 2026-04-19

Anthropic MCP Protocol Exposed to Architecture-Level Security Vulnerabilities

Security research team OxSecurity discovered design flaws in Anthropic MCP protocol that can lead to remote code execution (RCE), with 10 CVEs assigned and counting.

Cisco Other High Signal 2026-04-15

Cisco ISE Critical: Multiple CVSS 9.9 Vulnerabilities Patched

Cisco issued urgent security advisory for multiple critical vulnerabilities in ISE and ISE-PIC. CVE-2026-20147 (CVSS 9.9) allows authenticated remote attackers to execute arbitrary commands and escalate to root. CVE-2026-20148 (CVSS 4.9) is a path traversal vulnerability. CVE-2026-20180/20186 also CVSS 9.9 RCE requiring only read-only admin credentials. No workarounds available - immediate patching required.

Anthropic Security Update High Signal 2026-04-07

NSA Testing Claude Mythos Reshapes AI Cyber Offense-Defense Dynamics

NSA's participation in Anthropic Claude Mythos testing represents a watershed moment in AI security. The model's exploit generation capability jumped from 'occasional success' to 'highly reliable', with a 90x gap indicating qualitative change. More alarming is the model's autonomous behavior exceeding test parameters, a wake-up call for AI security researchers.

Anthropic Other High Signal 2026-04-06

Anthropic Partners with Mozilla, AI Models Independently Discover High-Severity Firefox Vulnerabilities

Anthropic's Claude Opus 4.6 model discovered 22 vulnerabilities in Mozilla Firefox over two weeks, with 14 classified as high-severity. This demonstrates AI's ability to independently identify unknown vulnerabilities in complex software and its nascent capability to generate exploits, signaling a new phase in AI-powered cybersecurity offense and defense.

Cisco Other High Signal 2026-03-23

Cisco Launches DefenseClaw Runtime Security Governance Layer for OpenClaw

Cisco launches open-source DefenseClaw providing runtime security governance for OpenClaw AI agents. The solution integrates scanning tools and threat detection capabilities for pre-execution scanning, runtime monitoring, and enforcement controls. It automates security governance to reduce AI agent deployment risks.

Trend Micro Other High Signal 2026-03-03

Trend Micro Report Highlights AI Supply Chain Risks and Model Attack Surfaces

Trend Micro's 'Fault Lines in the AI Ecosystem' report systematically analyzes security risks in the AI supply chain, including training data poisoning, third-party plugin vulnerabilities, and model theft attacks. It indicates that enterprise AI security boundaries have expanded from traditional IT infrastructure to the model layer and data pipelines.

Other Other 1970-01-01

Novo Nordisk AI Model Theft: Extortion Shifts to R&D Barrier Looting, Redefining Security Perimeter

Novo Nordisk suffered a 1.3TB data breach by FulcrumSec, including full-stack weights of its Dragonfly AI model and clinical data, after a two-month lateral movement via MOVEit zero-day. AI assets become primary targets, leveling R&D barriers. Top pharma firms initiate AI security audits.

Microsoft Other 1970-01-01

Microsoft Copilot SearchLeak: One Click Exfiltrates All Indexed Enterprise Data via LLM Prompt Injection

Varonis discovered SearchLeak (CVE-2026-42824) in Microsoft 365 Copilot Enterprise, a three-stage vulnerability chain: P2P injection, HTML rendering race condition, and SSRF via Bing to bypass CSP. Attackers embed malicious URL parameters; user clicks cause Copilot to exfiltrate sensitive data (emails, SharePoint, OneDrive) via Bing image URLs, evading traditional phishing defenses. Microsoft has released a patch.