All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Microsoft Office Excel has a remote code execution vulnerability (RCE, where an attacker can run commands on a system they don't own) that could give an attacker complete control of a computer if someone opens a specially crafted Excel file containing a malformed object (a corrupted piece of data). This vulnerability is actively being exploited by attackers in the real world.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. See Microsoft's security bulletin at https://learn.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-009 for specific guidance.
CISA Known Exploited Vulnerabilities
A 20-year-old Texas man was arrested after throwing an incendiary device (a weapon designed to start fires) at OpenAI CEO Sam Altman's home and attempting to set fire to OpenAI's headquarters in San Francisco. Police found the suspect with an anti-AI document containing threats against Altman, multiple incendiary devices, and other materials, leading federal prosecutors to investigate whether this constitutes an act of domestic terrorism.
AI-generated influencers (fake people created using generative AI, the technology that can create images and text) are appearing in social media posts about Coachella festival, posing as real attendees and posting photos with celebrities. While fake attendance has happened before with real influencers, AI tools have now made it easy enough that AI-generated people are becoming common on social media.
OpenAI is revoking and rotating its macOS code-signing certificates (digital credentials that verify OpenAI apps are legitimate) after a malicious Axios package was executed in one of its GitHub Actions workflows (automated tasks that run on code repositories). Although OpenAI found no evidence the certificates were actually compromised, the company is treating them as potentially exposed and requiring all macOS users to update their OpenAI apps to versions signed with new certificates by May 8, 2026, when the old certificate will be fully blocked.
Goldman Sachs's CEO says he is closely following the cybersecurity risks from Anthropic's Mythos AI model (an advanced large language model, which is an AI trained on large amounts of text data) and is working with Anthropic to improve cyber protection. The bank has been monitoring rapid advances in AI as part of its efforts to protect itself from hackers.
OpenAI's chief revenue officer sent an internal memo to employees emphasizing the need to build a 'moat' (competitive advantages that make it hard for customers to switch to competitors) around its AI products and focus on enterprise clients, as users currently find it easy to switch between different AI models depending on which one performs best at any given time.
Gemini Robotics-ER 1.6 is an upgraded AI model designed to help robots understand and reason about the physical world, enabling them to complete real-world tasks with better spatial awareness and precision. The model improves on previous versions by enhancing capabilities like pointing (identifying and locating objects), counting, reading instruments (such as gauges), and detecting when tasks are complete. It is now available to developers through the Gemini API (an interface for accessing the model) and Google AI Studio.
Microsoft is testing ways to integrate OpenClaw-style features into Copilot, its AI assistant, to make Microsoft 365 Copilot run autonomously (without human intervention) around the clock and complete tasks for users. OpenClaw is an open-source platform that allows users to create AI-powered agents (software programs that act independently to complete goals) that run locally on a user's device. Microsoft's corporate vice president confirmed the company is exploring these technologies for enterprise use.
OpenAI's new revenue chief sent an internal memo highlighting a partnership with Amazon (a cloud computing company competing with Microsoft) as crucial for reaching enterprise customers, while acknowledging that its existing deal with Microsoft has constrained its ability to serve clients who prefer Amazon's AI platform called Bedrock (a service that provides access to major AI models). The memo reflects OpenAI's struggle to compete with rival Anthropic's Claude model in the enterprise market, where companies are investing heavily in AI.
A vulnerability in keras version 3.13.0 allows attackers to run their own code when a model is loaded, even when `safe_mode=True` (a setting meant to prevent unsafe operations). The problem occurs because the `TFSMLayer` class loads external TensorFlow SavedModels (pre-trained model files) without checking if they're safe, and doesn't properly validate file paths or configuration data.
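As an added defender-side example (not code from the keras project or from the advisory), the following check opens a Keras 3 `.keras` archive and reports any `TFSMLayer` entries in its `config.json` before the model is deserialized, so an external SavedModel path can be reviewed instead of being loaded automatically. The archive layout (`config.json` with `class_name`/`config` nodes) is the standard Keras 3 format; the sample model, the `/tmp/untrusted_savedmodel` path and the inclusion of `Lambda` as a second code-carrying layer are assumptions made for this example.

```python
import io
import json
import zipfile

# TFSMLayer is the class named in the keras 3.13.0 advisory; Lambda is added
# as an assumption because it can also carry serialized code.
RISKY_LAYER_CLASSES = {"TFSMLayer", "Lambda"}


def walk_layers(node):
    """Yield every {'class_name': ..., 'config': {...}} node in a nested Keras config."""
    if isinstance(node, dict):
        if "class_name" in node and isinstance(node.get("config"), dict):
            yield node
        for value in node.values():
            yield from walk_layers(value)
    elif isinstance(node, list):
        for item in node:
            yield from walk_layers(item)


def find_risky_layers(config):
    """Return (class_name, filepath) pairs for layers that pull in external files or code."""
    findings = []
    for layer in walk_layers(config):
        cls = layer["class_name"]
        if cls in RISKY_LAYER_CLASSES:
            findings.append((cls, layer["config"].get("filepath")))
    return findings


def scan_keras_archive(data: bytes):
    """Inspect only config.json of a .keras zip; no layers are built and no weights are read."""
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        config = json.loads(zf.read("config.json"))
    return find_risky_layers(config)


def build_sample_archive() -> bytes:
    """Constructed sample archive whose config embeds a TFSMLayer (not a real model)."""
    config = {"class_name": "Functional", "config": {"layers": [
        {"class_name": "InputLayer", "config": {"name": "input"}},
        {"class_name": "TFSMLayer", "config": {"name": "tfsm",
                                               "filepath": "/tmp/untrusted_savedmodel"}},
        {"class_name": "Dense", "config": {"name": "dense", "units": 4}},
    ]}}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("config.json", json.dumps(config))
    return buf.getvalue()
```

A loader that refuses the archive when `scan_keras_archive` returns anything (or that requires the reported `filepath` to be on an allowlist) closes the gap that `safe_mode=True` leaves open for this layer.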
A vulnerability in the Linux kernel's netfilter (the system that filters network packets) allowed matches and targets designed for general use to be incorrectly loaded into ARP (a protocol for finding IP addresses on local networks) chains, causing NULL pointer dereferences (crashes when code tries to access memory that doesn't exist) because ARP has different hook layouts than other protocols. The issue occurred because ARP's hooks have different meanings than IPv4/IPv6 hooks, but the validation code didn't catch this mismatch.
Microsoft SharePoint Server has a vulnerability where it doesn't properly check user input before processing it, allowing attackers to perform spoofing (impersonating someone or something else) over a network without authorization. This flaw is currently being exploited by real attackers in the wild.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services (federal cybersecurity requirements for cloud systems), or discontinue use of the product if mitigations are unavailable.
CISA Known Exploited Vulnerabilities
A man named Daniel Moreno-Gama was arrested after throwing a Molotov cocktail (an improvised incendiary weapon) at OpenAI CEO Sam Altman's home and later attacking OpenAI's headquarters. Moreno-Gama was motivated by concerns about AI posing an existential threat to humanity and had planned the attack in advance, as documented in a written statement found by police. Sam Altman responded by calling for reduced hostile rhetoric within the AI industry.
Anthropic's Mythos is an AI system that can autonomously find and exploit vulnerabilities (security flaws in software) much faster than before, completing tasks in hours that previously took weeks or months. Security experts warn this represents a fundamental shift in cybersecurity, not an isolated incident, and that defenders must close the gap between how quickly vulnerabilities are discovered and how quickly organizations can patch and respond.
Fix: The AI Security Institute recommends that organizations strengthen security fundamentals by regularly applying security updates, implementing robust access controls, hardening security configurations, and maintaining comprehensive logging. The source also emphasizes that investment in cyber defense is vital now, before future AI models become even more capable.
CSO Online
Security experts are warning that the introduction of Anthropic's Claude Mythos could trigger an "AI vulnerability storm," in which many security weaknesses in AI systems are discovered and exploited rapidly. The Cloud Security Alliance is advising security leaders (CISOs) to prepare for a surge in attacks targeting these newly exposed vulnerabilities.
This research paper proposes a method to detect FDI attacks (false data injection, where attackers insert fake sensor readings into control systems) by using encoding techniques to transform measurement data into a different mathematical space. The approach aims to catch stealthy FDI attacks that are designed to evade traditional detection methods by disguising themselves as normal system behavior.
Fix (OpenAI code-signing certificate exposure): OpenAI is revoking and rotating the code-signing certificate. The company is working with Apple to ensure no future software can be notarized (verified as legitimate) with the previous certificate. The old certificate will be fully revoked on May 8, 2026, after which attempts to launch applications signed with it will be blocked by macOS protections. OpenAI advises users to update via in-app features or official download pages and to avoid installing software from links sent via email, ads, or third-party sites.
BleepingComputer
Anthropic released Claude Mythos Preview, a new AI model with advanced cyberattack capabilities, and is withholding it from the public while running Project Glasswing to find and patch vulnerabilities before attackers exploit them. The model can write effective exploits (turning vulnerabilities into working attacks without human help) and find complex vulnerabilities by chaining together multiple bugs, representing a significant increase in AI-assisted cyberattack sophistication. While defenders currently have an advantage in finding vulnerabilities for patching purposes, this gap is expected to shrink as more powerful models become available.
Fix (Linux kernel netfilter ARP issue): Restrict arptables to NFPROTO_ARP extensions only. The arptables-legacy implementation supports only three extensions that provide explicit NFPROTO_ARP declarations: arpt_CLASSIFY, arpt_mangle, and arpt_MARK.
NVD/CVE Database
Referring video object segmentation (RVOS, the task of identifying and outlining objects in videos based on text descriptions) is used in safety-critical applications like autonomous driving, but the deep neural networks that power these systems are vulnerable to adversarial perturbations (tiny, intentional changes to input data designed to fool AI models). This research demonstrates for the first time that RVOS models can be reliably attacked using a method called xM-ICM, which corrupts both visual and text information to mislead the models, and shows this attack works even when attackers have limited information about the system.
LitCVit is a lightweight AI model designed to detect malicious encrypted network traffic (data sent over secure connections) without needing to decrypt it or manually extract features. The model uses self-supervised learning (training where the AI learns patterns from unlabeled data) and vision transformers (a type of neural network architecture) to analyze patterns across multiple data packets and flows (sequences of related network communications) while running much faster than existing approaches, achieving 98% accuracy on test datasets.
FALCON-Net is a detection system designed to identify AI-generated images by analyzing their technical flaws. The system works by examining two key weaknesses in generated images: the lack of device-specific sensor noise (natural imperfections that real cameras add) and unnatural pixel intensity variations that result from oversimplified generation processes. FALCON-Net combines two analysis modules (one for noise patterns and one for local pixel variations) to reliably distinguish AI-generated images from real ones, even when tested on image generation models it wasn't trained on.