aisecwatch.com

Real-time AI security monitoring. Tracking AI-related vulnerabilities, safety and security incidents, privacy risks, research developments, and policy changes.


Maintained by Truong (Jack) Luu, Information Systems Researcher

AI Sec Watch

The security intelligence platform for AI teams

AI security threats move fast and get buried under hype and noise. Built by an Information Systems Security researcher to help security teams and developers stay ahead of vulnerabilities, privacy incidents, safety research, and policy developments.

Independent research. No sponsors, no paywalls, no conflicts of interest.

Total tracked: 3,710 | Last 24 hours: 1 | Last 7 days: 1

Daily Briefing, Saturday, May 16, 2026

No new AI/LLM security issues were identified today.

Latest Intel

01

CVE-2026-24173: NVIDIA Triton Inference Server contains a vulnerability where an attacker could cause a server crash by sending a malfor

security
Apr 7, 2026

NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24173) where an attacker can send a malformed request to crash the server, causing a denial of service (when a service becomes unavailable due to an attack). The vulnerability is related to integer overflow or wraparound (when a number exceeds the maximum value a system can store, causing unexpected behavior).

NVD/CVE Database
02

CVE-2026-24147: NVIDIA Triton Inference Server contains a vulnerability in triton server where an attacker may cause an information disc

security
Apr 7, 2026

CVE-2026-24147 is a vulnerability in NVIDIA Triton Inference Server (a tool that runs AI models) where an attacker can upload a malicious model configuration file to cause information disclosure (exposing sensitive data) or denial of service (making the system unavailable). The vulnerability stems from insufficient validation against path traversal (a flaw that lets attackers read or write files outside the intended directories) when the server handles uploaded files.

NVD/CVE Database
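The path-traversal class named in the CVE-2026-24147 summary is a containment problem: a file name supplied by the client must end up under the directory the server intends. The block below is an added example of that check, not NVIDIA's code and not a reproduction of the Triton flaw; the repository root `/srv/models`, the model and file names, and the function names are assumptions. It resolves the final on-disk location before testing containment, so `..`, absolute paths, backslash separators, NUL bytes and symlinks are all handled by the same test rather than by string matching on what the client sent.

```python
# Added example of a containment check for uploaded model files.
# Generic illustration of the path-traversal class; the repository layout,
# names and function signatures are assumptions and do not describe Triton.
import os
import posixpath


def resolve_upload_path(repo_root: str, model_name: str, rel_path: str) -> str:
    """Return the absolute on-disk destination for an uploaded file, or raise
    ValueError if the request would land outside repo_root/model_name."""
    for part in (model_name, rel_path):
        if not part or "\x00" in part:
            raise ValueError("empty or NUL-containing path component")
    # The model name must be exactly one directory entry, never a path.
    if model_name in (".", "..") or "/" in model_name or "\\" in model_name:
        raise ValueError(f"model name is not a single path component: {model_name!r}")
    # Treat backslashes as separators too; a check that only looks for '/'
    # misses '..\\..\\' from Windows hosts and some clients.
    rel = rel_path.replace("\\", "/")
    if posixpath.isabs(rel):
        raise ValueError(f"absolute path not allowed: {rel_path!r}")
    model_dir = os.path.realpath(os.path.join(repo_root, model_name))
    candidate = os.path.realpath(os.path.join(model_dir, rel))
    # realpath collapses '.' and '..' and follows any existing symlinks, so the
    # containment test runs on the final location, not on the client's string.
    # commonpath, unlike str.startswith, does not treat '/srv/models/resnet2'
    # as being inside '/srv/models/resnet'.
    if candidate == model_dir or os.path.commonpath([model_dir, candidate]) != model_dir:
        raise ValueError(f"path escapes model directory: {rel_path!r}")
    return candidate


def is_safe_upload(repo_root: str, model_name: str, rel_path: str) -> bool:
    """Boolean wrapper around resolve_upload_path for callers that only need a verdict."""
    try:
        resolve_upload_path(repo_root, model_name, rel_path)
        return True
    except ValueError:
        return False


# Constructed upload requests (model name, relative file path) for the demo.
SAMPLE_UPLOADS = [
    ("resnet", "config.pbtxt"),               # benign
    ("resnet", "1/model.onnx"),               # benign, versioned subdirectory
    ("resnet", "../densenet/config.pbtxt"),   # sibling model's config
    ("resnet", "1/../../../etc/passwd"),      # climbs out via a nested '..'
    ("resnet", "/etc/passwd"),                # absolute path
    ("resnet", "..\\..\\etc\\passwd"),        # backslash separators
    ("..", "config.pbtxt"),                   # traversal in the model name
    ("resnet/../../tmp", "x"),                # path where a name is expected
    ("resnet", "config.pbtxt\x00.txt"),       # embedded NUL
    ("resnet", "./"),                         # resolves to the model dir itself
]

if __name__ == "__main__":
    for model, path in SAMPLE_UPLOADS:
        verdict = "ok" if is_safe_upload("/srv/models", model, path) else "REJECT"
        print(f"{model!r:20} {path!r:32} -> {verdict}")
```

The order matters: normalise and resolve first, then compare. Checks that look for the substring `..` before normalisation are the ones that miss encoded, backslash or symlink variants, and a prefix comparison on the raw string is the one that lets a sibling directory with a shared prefix through.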
03

CVE-2026-24146: NVIDIA Triton Inference Server contains a vulnerability where insufficient input validation and a large number of output

security
Apr 7, 2026

NVIDIA Triton Inference Server has a vulnerability where it does not sufficiently validate user input and can crash when a request specifies a large number of outputs, potentially causing a denial of service (making the server unavailable to users). The crash stems from excessive memory allocation triggered by the malformed input.

NVD/CVE Database
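Items 01 and 03 above name two halves of the same request-validation problem: a size computed from attacker-controlled fields can wrap around (integer overflow, item 01) and pass a bound it should fail, and a count that is merely large can drive allocation past what the server can afford (item 03). The block below is an added example, not NVIDIA's code and not a reproduction of either CVE; the 32-bit width, the field names `num_outputs` and `bytes_per_output`, and the caps are assumptions. It shows the naive pattern beside a hardened one on constructed requests.

```python
# Added example: how 32-bit wraparound defeats a naive size check, and how to
# bound a request without overflowing. Generic illustration of the bug class;
# the field names, the 32-bit width and the caps are assumptions and do not
# describe Triton's code.

U32_MAX = 0xFFFF_FFFF
MAX_OUTPUTS = 1024                      # assumed cap on outputs per request
MAX_BUFFER_BYTES = 256 * 1024 * 1024    # assumed cap on bytes allocated per request


def wrap_u32(value: int) -> int:
    """Reduce a Python int to what a C uint32_t holds after overflow."""
    return value & U32_MAX


def naive_buffer_bytes(num_outputs: int, bytes_per_output: int) -> int:
    """The vulnerable pattern: multiply in 32-bit space, then compare.
    A product of 2**32 or more wraps to a small number and passes the check."""
    return wrap_u32(num_outputs * bytes_per_output)


def naive_accepts(num_outputs: int, bytes_per_output: int) -> bool:
    return naive_buffer_bytes(num_outputs, bytes_per_output) <= MAX_BUFFER_BYTES


def checked_mul_u32(a: int, b: int):
    """Return a*b if it fits in uint32, else None. The division form cannot
    overflow, which is the same test a C implementation would use."""
    if a < 0 or b < 0 or a > U32_MAX or b > U32_MAX:
        return None
    if b != 0 and a > U32_MAX // b:
        return None
    return a * b


def hardened_accepts(num_outputs: int, bytes_per_output: int) -> bool:
    """Bound the count first (item 03), multiply with overflow detection
    (item 01), then compare the true product against the allocation cap."""
    if not (0 < num_outputs <= MAX_OUTPUTS):
        return False
    total = checked_mul_u32(num_outputs, bytes_per_output)
    return total is not None and 0 < total <= MAX_BUFFER_BYTES


# Constructed requests: (num_outputs, bytes_per_output, description)
SAMPLE_REQUESTS = [
    (8, 4096, "benign: 8 outputs of 4 KiB"),
    (1024, 0x40_0000, "wrap: 1024 * 4 MiB == 2**32, 32-bit product is 0"),
    (1024, 0x40_0001, "wrap: 32-bit product is 1024, real need is just over 4 GiB"),
    (65536, 4, "too many outputs: product is tiny but the count exceeds the cap"),
]


def evaluate(requests=SAMPLE_REQUESTS):
    """Return [(description, naive_verdict, hardened_verdict), ...]."""
    return [(desc, naive_accepts(n, s), hardened_accepts(n, s)) for n, s, desc in requests]


if __name__ == "__main__":
    for desc, naive, hardened in evaluate():
        print(f"{desc}\n  naive={'accept' if naive else 'reject'}  "
              f"hardened={'accept' if hardened else 'reject'}")
```

The two wrap cases are the point of item 01: the naive check sees 0 or 1024 bytes and accepts, then the server would try to allocate or index four gigabytes. The last case is item 03 in miniature: nothing overflows, but a count that no legitimate client sends should be rejected before it drives any allocation at all.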
04

XFaceMark: Explainable deep fake watermarking using YOLO, and random MRFO

research, security
Apr 7, 2026

This paper presents XFaceMark, a method that uses YOLO (an object detection system that identifies items in images) and random MRFO (a nature-inspired optimization algorithm) to add watermarks to deepfakes (AI-generated fake videos or images) in a way that can be explained and understood. The approach aims to make deepfakes traceable while allowing researchers to understand how the watermarking process works.

Elsevier Security Journals
05

SBOMs into Agentic AIBOMs: Schema Extensions, Agentic Orchestration and Reproducibility Evaluation

research
Apr 7, 2026

This academic paper discusses extending SBOMs (software bill of materials, which are detailed lists of all components and dependencies in software) to create AIBOMs that can describe agentic AI systems (AI systems that can take independent actions and make decisions). The paper proposes schema extensions, methods for coordinating multiple AI agents, and ways to evaluate whether AI systems produce consistent and reproducible results.

ACM Digital Library (TOPS, DTRAP, CSUR)
06

Anthropic is launching a new AI model for cybersecurity

security, industry
Apr 7, 2026

Anthropic is launching a new AI model called Claude Mythos Preview as part of Project Glasswing, a cybersecurity partnership with major tech companies like Nvidia, Google, and Microsoft. The model is designed to help large organizations and governments automatically detect vulnerabilities (security weaknesses) in their systems with minimal human involvement. Anthropic is limiting access to launch partners only and not releasing it publicly due to security concerns.

The Verge (AI)
07

Anthropic debuts preview of powerful new AI model Mythos in new cybersecurity initiative

security, industry
Apr 7, 2026

Anthropic released a preview of Mythos, a powerful new AI model, as part of Project Glasswing, a cybersecurity initiative involving over 40 partner organizations like Amazon, Microsoft, and Apple. The model, which was not specifically trained for cybersecurity but has strong coding and reasoning abilities, has reportedly identified thousands of zero-day vulnerabilities (security flaws unknown to the public and software vendors) in software systems during initial testing. The preview is limited to partner organizations for defensive security work and will not be made generally available to the public.

TechCrunch (Security)
08

Cybersecurity in the Age of Instant Software

security, safety
Apr 7, 2026

AI is making software creation faster and easier, pointing toward a future in which temporary applications ("instant software") are created and deleted on demand. The same capability means AI tools are getting better at both finding and exploiting vulnerabilities (weaknesses in code that attackers can use). Defenders can use the same AI capabilities to patch vulnerabilities and fix security problems, but today's AI-generated software tends to contain many security flaws because AI does not yet write secure code well.

Schneier on Security
09

Max severity Flowise RCE vulnerability now exploited in attacks

security
Apr 7, 2026

Hackers are actively exploiting CVE-2025-59528, a critical vulnerability in Flowise (an open-source platform for building AI agents and custom LLM applications) that lets arbitrary JavaScript be injected through the CustomMCP node and executed without validation. The flaw was publicly disclosed in September 2025, affects thousands of instances exposed online, and enables attackers to execute commands and access files on vulnerable systems.

Fix: Upgrade to Flowise version 3.1.1 or at least version 3.0.6 as soon as possible. Additionally, consider removing Flowise instances from the public internet if external access is not required.

BleepingComputer
10

The New Rules of Engagement: Matching Agentic Attack Speed

security, policy
Apr 7, 2026

Nation-states are using AI agents (autonomous AI systems that can perform tasks without human intervention) to launch cyberattacks at speeds that traditional security responses cannot match. The article argues that cybersecurity defenses cannot rely on small, gradual improvements but must instead undergo fundamental architectural changes to address this new threat level.

SecurityWeek