All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
Ivanti Endpoint Manager Mobile (EPMM) has a code injection vulnerability (a flaw that lets attackers insert malicious code) that allows attackers to run commands on the system without needing to log in first. This vulnerability is currently being exploited by real attackers in the wild.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Check for signs of potential compromise on all internet-accessible Ivanti products affected by this vulnerability. Apply any final mitigations provided by the vendor as soon as possible. Security updates are available at https://support.mobileiron.com/mi/vsp/AB1786671/ivanti-security-update-1761642-1.1.0S-5.noarch.rpm and https://support.mobileiron.com/mi/vsp/AB1786671/ivanti-security-update-1761642-1.1.0L-5.noarch.rpm
Source: CISA Known Exploited Vulnerabilities
Google CEO Sundar Pichai stated that the rapid growth of AI has created opportunities for Alphabet to invest billions of dollars in AI startups like Anthropic and other companies. Alphabet is moving away from traditional venture capital routes and instead making large direct investments from its own balance sheet, similar to how other major tech companies like Nvidia and Microsoft are operating. Pichai emphasized that the company wants to be a responsible steward of capital by investing in ventures with strong returns.
Elon Musk is suing OpenAI CEO Sam Altman and President Greg Brockman, claiming they deceived him into donating $38 million by promising the company would remain a nonprofit when it later became a for-profit entity. In his legal filing, Musk is seeking to have both executives removed from their roles, asking the court to force OpenAI to revert to operating as a true nonprofit, with jury selection scheduled to begin in April 2025.
LibreChat, a ChatGPT alternative with extra features, had a vulnerability in versions before 0.8.4 where it didn't properly validate filenames from its code execution sandbox, allowing attackers to write files anywhere on the server using path traversal (sequences like ../ that navigate to parent directories). Any user able to run code through the sandbox could exploit this to write arbitrary files with the permissions of the LibreChat server.
The java-sdk has a DNS rebinding vulnerability (an attack where a hacker tricks your browser into accessing a private server by manipulating domain name resolution) that allows attackers to make tool calls to local or private MCP (model context protocol, a system for AI agents to interact with tools) servers if you visit a malicious website. This happens because the java-sdk wasn't validating the Origin header (a security check that confirms requests come from trusted sources) before version 1.0.0, violating the MCP specification.
OpenTelemetry-Go has a denial-of-service vulnerability where the library parses multiple `baggage` HTTP headers (a standard for distributed tracing metadata) separately instead of treating them as one combined value. An attacker can send many baggage header lines to force the server to waste CPU and memory on repeated parsing work, even though each individual header stays within size limits, causing high latency and excessive allocations per request.
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24175) where an attacker can crash the server by sending a malformed request header, potentially causing a denial of service (disruption of normal service). The vulnerability stems from an uncaught exception (an error that the program doesn't handle properly), which lets a single malformed header bring down the server process.
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24174) where an attacker can crash the server by sending a malformed request (a request with incorrect formatting), causing a denial of service (when a system becomes unavailable to legitimate users). The vulnerability stems from incorrect conversion between numeric types (the software not properly handling different number formats).
NVIDIA Triton Inference Server has a vulnerability (CVE-2026-24173) where an attacker can send a malformed request to crash the server, causing a denial of service (when a service becomes unavailable due to an attack). The vulnerability is related to integer overflow or wraparound (when a number exceeds the maximum value a system can store, causing unexpected behavior).
CVE-2026-24147 is a vulnerability in NVIDIA Triton Inference Server (a tool that runs AI models) where an attacker can upload a malicious model configuration file to cause information disclosure (exposing sensitive data) or denial of service (making the system unavailable). The vulnerability stems from improper validation of file paths when handling uploaded files, allowing path traversal (a flaw that lets attackers access files outside the intended directories).
NVIDIA Triton Inference Server has a vulnerability where it doesn't properly check user inputs and can crash when given a large number of outputs, potentially causing a denial of service (making the server unavailable to users). The vulnerability stems from excessive memory allocation triggered by malformed input.
OpenClaw versions before 2026.4.2 had a timing side channel (a security weakness where an attacker can learn secret information by measuring how long operations take) in shared-secret comparison code. The vulnerability could leak information about the length of secrets through measurable timing differences, though it didn't directly allow attackers to bypass authentication.
OpenClaw versions 2026.4.1 and earlier have a vulnerability where QQ Bot structured payloads (specially formatted data sent through the bot) could read any file on the host computer by escaping the intended file directory boundaries. An attacker could craft a malicious payload to steal sensitive files that the OpenClaw process has access to.
Anthropic has launched Project Glasswing, an initiative using Claude Mythos Preview (an AI model designed for cybersecurity) to automatically discover software vulnerabilities at scale; it is testing the model with a closed group of over 40 companies including Amazon, Microsoft, and Google. Early testing claims the model found thousands of high-severity vulnerabilities in widely used software, including some that had been missed for decades. This suggests that AI-powered vulnerability discovery may shift how security work is organized, pushing organizations to focus less on managing backlogs and more on reducing the time vulnerabilities remain exposed before they are fixed. The initiative raises questions about the future role of human-driven security work as AI automation becomes more capable.
Fix (LibreChat path traversal): This vulnerability is fixed in version 0.8.4.
Source: NVD/CVE Database
Researchers discovered that AWS Bedrock AgentCore's Code Interpreter sandbox, which is supposed to isolate AI agents from external networks, could be bypassed using DNS tunneling (a technique that hides data inside DNS queries to leak information out of restricted environments). Additionally, they found a critical security flaw where the microVM Metadata Service (a system that provides credentials to running programs) lacked proper authentication, potentially allowing attackers to steal sensitive credentials through SSRF attacks (server-side request forgery, where a program is tricked into making requests on behalf of an attacker).
Fix: AWS introduced internal remediations and outlined several important mitigation strategies for customers. The source notes that users cannot patch the managed environment directly but can leverage platform-level controls AWS provides. However, the specific details of these mitigation strategies and platform-level controls are not fully described in the provided excerpt.
Source: Palo Alto Unit 42
Anthropic released Claude Mythos, a new AI model with exceptionally strong cybersecurity research abilities, but restricted access to only a small group of preview partners through Project Glasswing instead of releasing it publicly. The model can autonomously develop complex exploits (including exploit chains, attacks that combine multiple vulnerabilities to break into systems), finding thousands of high-severity vulnerabilities in major operating systems and web browsers, which is a major leap forward compared to older models like Claude Opus 4.6.
Fix (java-sdk DNS rebinding): Users can mitigate this risk by: 1) Running the MCP server behind a reverse proxy (a security layer like Nginx or HAProxy that forwards requests and can validate headers) configured to strictly validate the Host and Origin headers, or 2) Using a framework that inherently enforces strict CORS (cross-origin resource sharing, a browser security feature that controls which websites can access your data) and Origin validation, such as Spring AI.
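The Host and Origin checks the fix describes, as an added Go example (not code from the java-sdk, the MCP project, or the advisory). The Guard type, NewLocalGuard and the allowlist contents are assumptions for illustration; the idea is that a locally bound tool server answers only to its own hostnames (which defeats a rebound DNS name, since the browser still sends the attacker's name in Host) and only to browser origins it explicitly trusts.

```go
package main

import (
	"fmt"
	"net"
	"net/http"
	"net/url"
	"strings"
)

// Guard holds the allowlists a locally bound tool server should enforce
// (hypothetical type for this example).
type Guard struct {
	AllowedHosts   map[string]bool // hostnames (without port) this server answers to
	AllowedOrigins map[string]bool // scheme://host[:port] browser origins permitted to call it
}

// NewLocalGuard builds a guard for a server that is only meant to be reached as
// localhost, plus an explicit list of browser origins allowed to talk to it.
func NewLocalGuard(origins ...string) Guard {
	g := Guard{
		AllowedHosts:   map[string]bool{"localhost": true, "127.0.0.1": true, "::1": true},
		AllowedOrigins: map[string]bool{},
	}
	for _, o := range origins {
		g.AllowedOrigins[strings.ToLower(o)] = true
	}
	return g
}

// hostOnly strips the port so "localhost:8080" matches the entry "localhost".
func hostOnly(hostport string) string {
	if h, _, err := net.SplitHostPort(hostport); err == nil {
		return strings.ToLower(h)
	}
	return strings.ToLower(hostport)
}

// Check returns 0 when the request may proceed, otherwise the HTTP status to
// answer with.
func (g Guard) Check(r *http.Request) int {
	// DNS rebinding: the browser resolves attacker.example to 127.0.0.1 and
	// sends Host: attacker.example. Refusing unknown Host values stops that
	// before any tool call is dispatched.
	if !g.AllowedHosts[hostOnly(r.Host)] {
		return http.StatusMisdirectedRequest // 421
	}
	origin := r.Header.Get("Origin")
	if origin == "" {
		return 0 // non-browser client (CLI, SDK); browsers send Origin on cross-site requests
	}
	u, err := url.Parse(origin)
	if err != nil || u.Scheme == "" || u.Host == "" {
		return http.StatusForbidden // also rejects the opaque "null" origin
	}
	if !g.AllowedOrigins[strings.ToLower(u.Scheme+"://"+u.Host)] {
		return http.StatusForbidden
	}
	return 0
}

// Middleware applies Check to every request before the real handler runs.
func (g Guard) Middleware(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if code := g.Check(r); code != 0 {
			http.Error(w, http.StatusText(code), code)
			return
		}
		next.ServeHTTP(w, r)
	})
}

func main() {
	g := NewLocalGuard("http://localhost:3000")
	// Constructed requests: a legitimate local client, and a browser request
	// arriving via a rebound domain name.
	ok, _ := http.NewRequest("POST", "http://localhost:8080/mcp", nil)
	rebound, _ := http.NewRequest("POST", "http://attacker.example:8080/mcp", nil)
	rebound.Header.Set("Origin", "http://attacker.example:8080")
	fmt.Println(g.Check(ok), g.Check(rebound)) // 0 421
}
```

Placing this check in front of the server is equivalent to the reverse-proxy option in the fix; a framework that enforces strict CORS does the Origin half for you, but the Host allowlist is still worth keeping.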
Source: GitHub Advisory Database
Fix (OpenTelemetry-Go baggage): The source recommends: "avoid repeated parsing across multi-values by enforcing a global budget and/or normalizing multi-values into a single value before parsing. one mitigation approach is to treat multi-values as a single comma-joined string and cap total parsed bytes (for example 8192 bytes total)." The fix is accepted when allocations and parsing operations stay within 2x of baseline and response latency (p95) stays below 2ms.
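The budget-and-normalize mitigation quoted above, as an added Go example written for this page (it is not the OpenTelemetry-Go implementation). The 8192-byte cap is the figure from the advisory; the Member type and the minimal member parser are assumptions made to keep the example self-contained. The point is that the byte check runs over the joined header lines before any parsing, so a flood of small lines is rejected for the same cost as one oversized line.

```go
package main

import (
	"errors"
	"fmt"
	"net/http"
	"strings"
)

// MaxBaggageBytes is the global parse budget suggested in the advisory text
// (8192 bytes total across all baggage header lines).
const MaxBaggageBytes = 8192

// ErrBaggageTooLarge is returned before any parsing when the budget is exceeded.
var ErrBaggageTooLarge = errors.New("baggage: total header size exceeds budget")

// Member is one parsed baggage entry: key=value with optional ;properties
// (hypothetical type for this example).
type Member struct {
	Key        string
	Value      string
	Properties []string
}

// NormalizeBaggage joins every baggage header line into the single
// comma-separated value the format already allows, enforcing a byte cap while
// doing so. Work per request is then bounded by the budget rather than by the
// number of header lines a client sends.
func NormalizeBaggage(h http.Header, budget int) (string, error) {
	lines := h.Values("Baggage")
	total := 0
	for i, line := range lines {
		if i > 0 {
			total++ // the joining comma
		}
		total += len(line)
		if total > budget {
			return "", ErrBaggageTooLarge
		}
	}
	return strings.Join(lines, ","), nil
}

// ParseBaggage splits one normalized value into members. It is a minimal
// parser written for this example, not the library's parser.
func ParseBaggage(s string) []Member {
	var out []Member
	for _, raw := range strings.Split(s, ",") {
		raw = strings.TrimSpace(raw)
		if raw == "" {
			continue
		}
		parts := strings.Split(raw, ";")
		kv := strings.SplitN(parts[0], "=", 2)
		if len(kv) != 2 || strings.TrimSpace(kv[0]) == "" {
			continue // malformed member: drop it rather than fail the request
		}
		m := Member{Key: strings.TrimSpace(kv[0]), Value: strings.TrimSpace(kv[1])}
		for _, p := range parts[1:] {
			if p = strings.TrimSpace(p); p != "" {
				m.Properties = append(m.Properties, p)
			}
		}
		out = append(out, m)
	}
	return out
}

// ExtractBaggage is what a request handler would call: budget check first,
// parsing second.
func ExtractBaggage(h http.Header) ([]Member, error) {
	joined, err := NormalizeBaggage(h, MaxBaggageBytes)
	if err != nil {
		return nil, err
	}
	return ParseBaggage(joined), nil
}

func main() {
	// Constructed headers: two ordinary lines, then a flood of tiny lines whose
	// total exceeds the budget even though each line is individually small.
	normal := http.Header{}
	normal.Add("Baggage", "userId=alice,serverNode=DF%2028")
	normal.Add("Baggage", "tenant=acme;version=2")
	members, err := ExtractBaggage(normal)
	fmt.Println(len(members), err) // 3 <nil>

	flood := http.Header{}
	for i := 0; i < 2000; i++ {
		flood.Add("Baggage", fmt.Sprintf("k%d=v", i))
	}
	_, err = ExtractBaggage(flood)
	fmt.Println(err) // baggage: total header size exceeds budget
}
```

The acceptance criterion in the fix (allocations within 2x of baseline, p95 under 2ms) follows directly from this shape: the only allocation that scales with input is the single join, and it is never larger than the budget.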
Source: GitHub Advisory Database
Anthropic released Claude Mythos Preview, an advanced AI model that excels at finding security vulnerabilities (weaknesses in software), but is limiting access to a select group of companies through a program called Project Glasswing to prevent attackers from misusing it. The model can identify bugs that were previously hard to detect, including a 27-year-old bug in OpenBSD (an operating system focused on security), and Anthropic is working with U.S. government agencies to manage the risks of this powerful cybersecurity capability.
Fix: Anthropic is limiting access to Claude Mythos Preview by only providing it to a select group of companies, including Apple, Google, Microsoft, Nvidia, and Amazon Web Services, along with over 40 other firms, for defensive security work. Additionally, the company stated it 'has been in ongoing discussions' with U.S. government officials including the Cybersecurity and Infrastructure Security Agency and the Center for AI Standards and Innovation about the model's cyber capabilities.
Source: CNBC Technology
Anthropic announced Claude Mythos Preview, a powerful AI model capable of finding software vulnerabilities and developing exploits, alongside Project Glasswing, an industry consortium of over 40 major tech companies that will receive early access to test the model on their systems. The staggered release approach, modeled after coordinated vulnerability disclosure (the practice of giving developers time to patch bugs before public disclosure), aims to help organizations identify and fix security weaknesses before the model becomes widely available in the coming months.
Fix: Anthropic is conducting a staggered release of Mythos Preview beginning with an industry collaboration phase, giving Project Glasswing partners private access to the model so they can 'turn Mythos Preview on their own systems so they can mitigate vulnerabilities and exploit chains that the model develops in simulated attacks.' This approach is based on coordinated vulnerability disclosure practices.
Source: Wired (Security)
Anthropic has developed a new AI model called Claude Mythos as part of Project Glasswing, an initiative aimed at securing critical software before it can be exploited by attackers. The model is framed as both a cybersecurity advance and a potential risk, since advanced AI capabilities could theoretically be misused if they fall into the wrong hands.
Fix (OpenClaw timing side channel): Update to OpenClaw version 2026.4.2 or later. The fix involved reusing the shared secret comparison helper at the affected call sites (commit be10ecef770a4654519869c3641bbb91087c8c7b).
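An added Go example of the pattern behind this fix, written for this page rather than taken from OpenClaw: a single shared-secret comparison helper that every call site reuses, built so that neither the contents nor the length of the secret affects how long the comparison takes. The VerifyBearer helper and the "Bearer" header shape are assumptions chosen to show the helper in use.

```go
package main

import (
	"crypto/sha256"
	"crypto/subtle"
	"fmt"
	"strings"
)

// LeakyEqual has the shape of the weakness described above. ConstantTimeCompare
// is constant-time only for equal-length inputs; when the lengths differ it
// returns 0 immediately, so response time reveals whether a guess has the
// right length even though the contents are never leaked.
func LeakyEqual(presented, secret string) bool {
	return subtle.ConstantTimeCompare([]byte(presented), []byte(secret)) == 1
}

// SecretEqual reduces both sides to fixed-size digests before comparing, so
// the comparison performs the same work whatever the lengths of the inputs.
func SecretEqual(presented, secret string) bool {
	a := sha256.Sum256([]byte(presented))
	b := sha256.Sum256([]byte(secret))
	return subtle.ConstantTimeCompare(a[:], b[:]) == 1
}

// VerifyBearer is the kind of shared helper a fix like this reuses at every
// call site: it extracts the token from an Authorization header and checks it
// with SecretEqual, so no call site can drift back to == or a length-leaking
// compare (hypothetical helper for this example).
func VerifyBearer(authorization, secret string) bool {
	const prefix = "Bearer "
	if !strings.HasPrefix(authorization, prefix) {
		return false
	}
	return SecretEqual(strings.TrimSpace(authorization[len(prefix):]), secret)
}

func main() {
	// Constructed secret and headers for demonstration only.
	const secret = "s3cret-token-value"
	fmt.Println(VerifyBearer("Bearer s3cret-token-value", secret)) // true
	fmt.Println(VerifyBearer("Bearer s3cret", secret))             // false
	fmt.Println(VerifyBearer("Basic czNjcmV0", secret))            // false
}
```

Hashing first costs two SHA-256 calls per check, which is negligible next to the request it guards; the benefit is that the helper is safe to call with secrets of any length without callers having to think about it.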
Source: GitHub Advisory Database
Fix (OpenClaw QQ Bot path traversal): Update OpenClaw to version 2026.4.2 or later. The fix restricts QQ Bot structured payload local paths (commit 2c45b06afdd6f7c621038b5419d8e661cff34a7f).
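Three items on this page (the LibreChat sandbox filename flaw, the Triton model configuration upload flaw, and this OpenClaw QQ Bot payload flaw) are the same defect: an untrusted name is joined onto a base directory without checking that the result still lies inside it. The following is an added Go example of the containment check, written for this page and not taken from any of those projects; SafeJoin is the lexical check, and SafeJoinResolved additionally follows symlinks on the existing part of the path so that a link planted inside the directory cannot redirect the access elsewhere. The function names and the sample directory are assumptions.

```go
package main

import (
	"errors"
	"fmt"
	"os"
	"path/filepath"
	"strings"
)

// ErrOutsideRoot is returned for any name that would resolve outside root.
var ErrOutsideRoot = errors.New("path escapes the allowed directory")

// insideRoot reports whether rel (a filepath.Rel result) stays within the root.
func insideRoot(rel string) bool {
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

// SafeJoin maps an untrusted relative name (a sandbox-reported filename, an
// uploaded config path, a payload-supplied local path) onto root and rejects
// it if the cleaned result is not inside root.
func SafeJoin(root, untrusted string) (string, error) {
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	if untrusted == "" || filepath.IsAbs(untrusted) {
		return "", ErrOutsideRoot
	}
	// Join cleans "." and ".." lexically, so "a/../../etc" becomes
	// "<parent of root>/etc" and is caught by the Rel check below.
	candidate := filepath.Join(absRoot, untrusted)
	rel, err := filepath.Rel(absRoot, candidate)
	if err != nil {
		return "", err
	}
	if !insideRoot(rel) {
		return "", ErrOutsideRoot
	}
	return candidate, nil
}

// SafeJoinResolved repeats the check after resolving symlinks on the deepest
// existing ancestor of the candidate, so a symlink inside root pointing out of
// it is rejected too. root must exist.
func SafeJoinResolved(root, untrusted string) (string, error) {
	candidate, err := SafeJoin(root, untrusted)
	if err != nil {
		return "", err
	}
	absRoot, err := filepath.Abs(root)
	if err != nil {
		return "", err
	}
	rootResolved, err := filepath.EvalSymlinks(absRoot) // root may itself be a link
	if err != nil {
		return "", err
	}
	existing := candidate
	for {
		if _, statErr := os.Lstat(existing); statErr == nil {
			break
		}
		parent := filepath.Dir(existing)
		if parent == existing {
			break
		}
		existing = parent
	}
	resolved, err := filepath.EvalSymlinks(existing)
	if err != nil {
		return "", err
	}
	rel, err := filepath.Rel(rootResolved, resolved)
	if err != nil {
		return "", err
	}
	if !insideRoot(rel) {
		return "", ErrOutsideRoot
	}
	return candidate, nil
}

func main() {
	// Constructed root and sample names; the traversal ones are the classic
	// "../" shapes, the first is an ordinary upload.
	root := filepath.Join(os.TempDir(), "uploads-example")
	for _, name := range []string{"models/cfg.pbtxt", "../../etc/passwd", "/etc/passwd"} {
		p, err := SafeJoin(root, name)
		fmt.Printf("%-20q -> %q %v\n", name, p, err)
	}
}
```

Go 1.24's os.Root provides an operating-system-enforced version of the same containment for open and create operations and is the better choice where it is available; the lexical check above is still the right first step for validating a name before it is used anywhere else.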
Source: GitHub Advisory Database
This paper presents XFaceMark, a method that uses YOLO (an object detection system that identifies items in images) and random MRFO (a nature-inspired optimization algorithm) to add watermarks to deepfakes (AI-generated fake videos or images) in a way that can be explained and understood. The approach aims to make deepfakes traceable while allowing researchers to understand how the watermarking process works.