All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
This research proposes CP-A²2BE, a security system for sharing data in Industrial Internet of Things (IIoT, or connected devices in factories). The system uses ciphertext-policy attribute-based encryption (a method that encrypts data so only users with specific characteristics can decrypt it) with three improvements: faster decryption through edge computing (processing at local factory nodes instead of distant servers), privacy protection for device and worker attributes, and a verifiable revocation mechanism (a way to instantly revoke access while proving the operation is legitimate).
Anthropic, an AI company, is in a legal dispute with the Pentagon over restrictions on how its AI models can be used, specifically trying to prevent deployment in domestic mass surveillance or fully autonomous lethal weapons (AI systems that make kill decisions without human control). The conflict highlights a shift in the tech industry's approach to military AI, with companies like Google previously refusing military partnerships, but now facing pressure to work with the Pentagon under the Trump administration.
Researchers discovered Slopoly, a backdoor malware (a hidden entry point into a system) likely created using an LLM (large language model, an AI trained on text data), that was deployed in ransomware attacks by the financially motivated group Hive0163. The malware uses a command-and-control framework (a central server that sends instructions to compromised systems) to steal data and maintain access, and its AI-generated code shows unusual features like detailed comments and clear variable names that are rare in human-written malware, suggesting that attackers are using AI tools to speed up custom malware creation.
Facebook Marketplace is introducing AI-powered features to help sellers work more efficiently, including an auto-reply tool that uses Meta AI to automatically respond to common questions about whether items are still available. Sellers can toggle this feature on when creating a listing, and the AI will draft editable responses that sellers can customize before sending.
Graphiti versions before 0.28.2 had a Cypher injection vulnerability (a type of attack where malicious code is hidden in user input to manipulate database queries) in its search filters for non-Kuzu database backends. Attackers could exploit this by providing crafted labels through SearchFilters.node_labels or, in MCP deployments (a system where an AI model can call external tools), through prompt injection (tricking an LLM into executing attacker-controlled commands) to execute arbitrary database operations like reading, modifying, or deleting data.
Rajesh Jha, a top Microsoft executive who oversaw Office and has worked at the company for over 35 years, is retiring in July. His departure is significant because Microsoft is trying to integrate AI models from companies like OpenAI and Anthropic into products like 365 Copilot (an AI assistant add-on for Microsoft 365 business subscriptions), and his leadership will be split among four other executives reporting directly to CEO Satya Nadella.
Third-party applications (TPAs, external software added to Kubernetes, a container orchestration platform that manages containerized applications) can be exploited to take over Kubernetes clusters. Researchers created KubeSec, a tool that automatically analyzes these applications to find security weaknesses, discovering 562 insecure RBAC (role-based access control, the permission system in Kubernetes) patterns and 375 vulnerabilities affecting millions of users. The research revealed that these vulnerabilities take over 10 months on average to fix, highlighting a critical security gap in Kubernetes cluster management.
This research addresses the challenge of detecting deepfakes (synthetic videos or images created by AI to manipulate someone's appearance) by proposing a new detection method called a triple-branch network. The method analyzes images using both spatial features (visual patterns) and frequency features (patterns that emerge when you break down images into their component wavelengths), combined with a mathematical approach based on mutual information theory (a concept measuring how much information one variable reveals about another) to improve detection accuracy across different types of forgeries.
Researchers created Fraud-RLA, an adversarial attack (a method to trick AI systems by finding weaknesses) that uses reinforcement learning (a technique where AI learns by trial and error to maximize rewards) to evade credit card fraud detection systems. The attack is designed to steal maximum amounts of money while requiring less background knowledge about the system than other attack methods. Tests showed the attack worked effectively against realistic fraud detection systems.
This paper presents EPRU, a reputation-based authentication system designed to help vehicles in platoons (groups of cars traveling together) communicate securely and trustworthily. Unlike existing systems that only verify message integrity, EPRU also evaluates whether the content of messages is credible by tracking vehicle behavior in real time, using encryption (mathematical techniques that scramble data) to protect vehicle identities and feedback data.
Researchers developed SMInject, a new type of attack that tricks multimodal AI models (systems that process both text and images together) by injecting deceptive instructions that exploit how different data types relate to each other. The attack is designed to be harder to detect than previous methods and achieves higher success rates while still keeping the model appearing to work normally.
EBFT is a new consensus framework for permissioned blockchains (private blockchain networks where participants are known) that improves security by having nodes randomly propose blocks instead of relying on a single leader node. It combines ideas from Nakamoto consensus (the longest-chain rule used in Bitcoin) with classical BFT (Byzantine fault tolerance, a method for systems to reach agreement even when some nodes are faulty or malicious), achieving strong safety guarantees while remaining simple to implement.
MSDT is a blockchain-based protocol (a system using distributed ledger technology) designed to let people safely buy and sell data without needing a trusted middleman. The main challenge it addresses is ensuring that both the data buyer receives what they paid for and the seller gets paid simultaneously (called atomicity), while also verifying the data is actually good quality. MSDT solves this by using state channels (off-chain transactions that reduce costs) for trading contracts and adding a staking mechanism (where participants lock up funds as a security deposit) to discourage sellers from behaving dishonestly.
The US military is considering using generative AI systems (AI models that can create text and analyze data) to help rank military targets and recommend which ones to strike, with human officials making final decisions. The Pentagon is also favoring OpenAI's ChatGPT and xAI's Grok for these high-stakes military applications, while facing criticism from officials who claim that Anthropic's Claude would negatively affect the defense supply chain.
Major technology companies are offering extremely high salaries to attract top AI researchers, causing many academics to leave universities for industry jobs. This "AI brain drain" is particularly affecting young, highly-cited researchers and threatens academia's ability to conduct research driven by curiosity rather than profit, as well as its role in providing independent ethical review. However, research shows that scientific breakthroughs actually come from large collaborative teams rather than individual geniuses, making the tech industry's focus on poaching individual top talent misguided.
Onyx Security, a new startup, has received $40 million in funding to build a control plane (a central dashboard for managing systems) that helps organizations monitor and manage autonomous AI agents (AI systems that can perform tasks independently without constant human direction) and speed up their adoption.
Google Skia has an out-of-bounds write vulnerability (a bug where a program writes data outside the memory it should access), which could let attackers run malicious code through a specially crafted web page. This affects Chrome, ChromeOS, Android, Flutter, and other products, and is currently being exploited by real attackers.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Check with specific vendors for patching status and information.
CISA Known Exploited Vulnerabilities
Google Chromium V8 has a memory buffer vulnerability (a flaw where operations exceed safe memory boundaries) that lets remote attackers run arbitrary code inside a sandbox through a crafted HTML page. This affects multiple browsers built on Chromium, including Chrome, Microsoft Edge, and Opera, and is currently being actively exploited by attackers.
Fix: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable. Due date for action is 2026-03-27.
CISA Known Exploited Vulnerabilities
The US military may use generative AI chatbots (AI systems trained on large amounts of text data to have conversations) to rank and prioritize target lists for human review, according to a Pentagon official. These systems, which could include OpenAI's ChatGPT or xAI's Grok, would work alongside existing military AI tools like Maven (a system using computer vision to analyze drone footage) to speed up targeting decisions. However, while generative AI outputs are easy to access, they are harder to verify than traditional military AI systems, raising concerns as the Pentagon faces scrutiny over recent military strikes.
OpenAI CEO Sam Altman met with lawmakers including Senator Mark Kelly to discuss the company's defense contract with the Department of Defense, particularly concerns about how AI systems could be used in warfare and surveillance. The meeting highlighted disagreements between AI companies and the military over safeguards, with Kelly stating that Congress plans to draft legislation creating guardrails (safety boundaries) around government AI contracts, since the technology is advancing faster than lawmakers can regulate it.
Fix (Graphiti Cypher injection): Upgrade to version 0.28.2 or later. Version 0.28.2 added validation of SearchFilters.node_labels, defense-in-depth label validation in shared search-filter constructors, validation of entity node labels in persistence query builders, and validation of group_ids in shared search fulltext helpers. If you cannot upgrade immediately, do not expose Graphiti MCP tools to untrusted users or to LLM workflows that process untrusted prompts, avoid passing untrusted values into SearchFilters.node_labels or MCP entity_types, and restrict graph database credentials to the minimum required privileges.
GitHub Advisory Database