All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
OpenTelemetry eBPF Instrumentation (OBI) has a performance flaw where it replays BPF probe hits (measurements of how long code takes to run) by looping once for each recorded execution. On busy systems, this loop can become very large between metric collection intervals, causing the metrics exporter to waste CPU time in a tight loop rather than processing a fixed number of metric series.
Pope Leo is releasing an encyclical (a major teaching document from the Catholic Church) called Magnifica Humanitas that addresses how artificial intelligence affects human dignity, workers' rights, and society. The document will be presented at the Vatican on May 25 with Christopher Olah, co-founder of Anthropic (an AI company), and other speakers, marking a significant moment where the Church signals its engagement with rapid technological change similar to how Pope Leo XIII responded to the Industrial Revolution in 1891.
Elon Musk sued Sam Altman over control of OpenAI, a major AI company they co-founded together, but a jury dismissed the case after just two hours due to legal time limits. The trial revealed concerns that many of the powerful tech leaders directing AI development may not be trustworthy or temperamentally suited for the responsibility.
Elon Musk lost a court case against OpenAI and Sam Altman because a jury decided he waited too long to file the lawsuit, not because his claims were false. Musk had accused Altman and OpenAI of breaking an agreement to keep the AI company as a nonprofit charity, but the court ruled the case fell outside the three-year deadline (statute of limitations) for bringing such claims. Musk plans to appeal the decision.
A California jury dismissed Elon Musk's lawsuit against OpenAI and CEO Sam Altman, ruling that Musk had waited too long to file his claims (the statute of limitations, a legal deadline for when lawsuits must be filed, had expired). Musk had accused Altman of breaching a non-profit agreement by converting OpenAI to a for-profit company after Musk donated $38 million early in the company's history. The jury's decision means the case was dismissed on timing grounds rather than on the actual merits of Musk's accusations.
OpenTelemetry eBPF Instrumentation (OBI) has a vulnerability in its Postgres protocol parser that can crash when it receives a malformed BIND message (a type of Postgres network packet). The parser doesn't check if the message payload is complete before reading from it, so an attacker could send a specially crafted empty or truncated packet to cause the program to panic and stop collecting telemetry data.
OpenTelemetry eBPF Instrumentation (OBI) exports unfiltered error messages from Redis directly into span status messages, which are then sent to telemetry backends (systems that collect and store trace data). This means sensitive information like tokens or passwords that appear in Redis errors could be leaked into monitoring systems, and attackers could inject malicious text into these systems.
OpenTelemetry eBPF Instrumentation (OBI) has a vulnerability where its ELF parser (a tool that reads executable file formats) blindly trusts offsets and metadata from binary files without checking if they're valid. A malicious or corrupted executable can cause OBI to crash when it tries to analyze what programming language a process uses, disrupting monitoring for other applications on the system.
Three Mistral AI npm packages (@mistralai/mistralai, @mistralai/mistralai-azure, @mistralai/mistralai-gcp) were compromised in a supply chain attack (where malicious code is inserted into legitimate software dependencies) between May 11 and 12. However, the malicious code, called a dropper (a program designed to download and execute harmful payloads), was broken and failed to run because it referenced the wrong filename. The affected versions have been removed from npm.
Version 2.4.6 of the mistralai package on PyPI contained malicious code that runs when the package is imported on Linux systems. The malicious code downloads and executes a file from a remote server, and versions 2.4.5 and earlier are not affected.
In n8n-mcp (a tool that bridges AI agents to n8n workflow automation) running in multi-tenant mode, requests missing tenant identification headers would fall back to using the operator's own n8n credentials, allowing an authenticated tenant to access or modify the operator's workflows and data instead of their own. This only affects shared multi-tenant deployments, not single-tenant setups.
This article reports on a legal case between Elon Musk and Sam Altman, where a jury decided that Musk's claims were invalid either because the statute of limitations (the legal deadline for filing a lawsuit) had expired or due to case dismissals. The jury's decision was advisory (meaning it was only a recommendation to the judge), but the presiding judge accepted their verdict anyway.
Google is attending its annual I/O developer conference as the third-place competitor in the foundation model (large AI systems trained on broad data) race, having fallen behind Anthropic's Claude and OpenAI's systems, particularly in coding capabilities. The article previews expected announcements in three areas: a potential comeback attempt in AI coding tools, continued strength in AI for science (where Google won a Nobel Prize), and moves in health and medicine AI. While Google's internal teams reportedly needed to use competitors' tools to stay productive, major breakthroughs at the conference are unlikely.
ChromaDB (a Python project for storing AI embeddings) versions 1.0.0 and later contain a code injection vulnerability that lets unauthenticated attackers run arbitrary code on the server by sending a malicious model repository with a specific setting enabled to a particular API endpoint. The vulnerability has a CVSS score (a 0-10 severity rating) of 10.0, marking it as critical.
Amazon has added a new feature to Alexa Plus (its upgraded AI assistant) that lets users generate podcasts on nearly any topic by simply describing what they want. The AI creates two AI-generated hosts that discuss the chosen topic, and users can preview and customize the podcast before it's created.
Shadow AI refers to unapproved AI tools that employees use at work without IT oversight, often gaining access to corporate data through quick login approvals that bypass traditional security monitoring. The article explains that 80% of employees use unapproved generative AI applications, and most companies lack formal AI governance policies, creating a visibility gap for security teams. The source describes a five-step program to manage this risk by discovering which tools are running, creating employee-friendly policies, and establishing approved alternatives.
Fix: The source explicitly recommends a five-step program: (1) discover all AI tools in use by auditing OAuth (authorization tokens that grant app access to data) connections, scanning for browser extensions, identifying AI features in already-approved tools, and surveying employees; (2) write a practical policy listing approved tools, specifying which data categories (customer records, source code, financial information) should never enter AI tools, confirming data training opt-out status for sensitive tools, and defining a process for requesting new tools; (3-5) [the source text is incomplete and does not provide steps 3-5]. Implement steps 1-2 to give security teams visibility while providing employees a clear approved path for AI tool adoption.
BleepingComputer
UK regulators (Ofcom) are requiring social media platforms, messaging services, and online forums to follow stricter rules to prevent the spread of intimate image abuse (sharing private sexual images without consent, sometimes called 'revenge porn') and AI-generated deepfakes (fake videos created with AI to show people doing things they didn't do). This comes after a rise in such harmful content, particularly targeting women and girls, including a spike in deepfakes created with AI tools like Elon Musk's Grok.
Fix: Ofcom said it would change its codes of practice to force service providers to detect and quash intimate image abuse and crack down on AI-generated deepfakes.
The Guardian Technology
This is a scoping review (a broad survey of existing research) that examines how small and medium-sized enterprises can prevent and respond to cyber incidents (security breaches and attacks). The paper synthesizes research findings to help SMEs understand best practices for protecting their systems and recovering when attacks occur.
Fix: 1. Stop using the affected package versions immediately (2.2.2, 2.2.3, 2.2.4 for @mistralai/mistralai; 1.7.1, 1.7.2, 1.7.3 for @mistralai/mistralai-azure and @mistralai/mistralai-gcp). 2. Clean systems where these packages were installed. Check your installed versions using 'npm ls' or by searching your lockfiles (package-lock.json, pnpm-lock.yaml, yarn.lock) for the affected version numbers. Also check build artifacts, container images, and package caches for the malicious files: router_init.js, tanstack_runner.js, or @tanstack/setup package.json.
GitHub Advisory Database
Fix: Pin mistralai to version 2.4.5 or earlier. The source text states: 'Pin mistralai to 2.4.5 or earlier. While the PyPI project is quarantined, install from this repository at a known-good tag, e.g. git+https://github.com/mistralai/client-python.git@v2.4.5.' Additionally, on affected Linux hosts, rotate every credential reachable from the importing process and review host and cloud audit logs for activity from approximately 2026-05-12 00:05 UTC onward.
GitHub Advisory Database
Fix: Fixed in n8n-mcp 2.51.2. The fix rejects requests without proper tenant headers at the HTTP edge with a 400 error before processing, prevents the system from using fallback operator credentials when in multi-tenant mode, and blocks secondary leaks in health checks and other handlers. Upgrade via 'npx n8n-mcp@latest' (NPM) or 'docker pull ghcr.io/czlonkowski/n8n-mcp:latest' (Docker). Workarounds if upgrading immediately is not possible: disable multi-tenant mode and run separate instances per tenant, use a proxy to reject requests missing both tenant headers, or restrict the operator API key to minimum required permissions if your n8n supports scoping (Enterprise or compatible Community Edition builds).
GitHub Advisory Database
AI models are rapidly improving at performing multi-stage penetration tests (simulated attacks where attackers try to break into systems through multiple steps), with the difficulty of tasks they can complete doubling every 4.7 months as of early 2025. The UK government's AI Security Institute measured this by comparing how well AI models could replicate tasks that human cybersecurity experts can complete, finding that the latest AI systems are now showing even greater capability and posing real security risks to organizations with weak defenses.
Anthropic is briefing global financial regulators on Claude Mythos, an AI model with advanced capabilities in finding previously unknown cybersecurity flaws that hackers could exploit. Rather than releasing Mythos publicly, Anthropic has restricted access to selected tech companies and banks to help identify weaknesses, while the UK's AI Security Institute has found the latest version shows a significant capability jump, even completing a difficult autonomous hacking test that no prior model had solved.
Fix: UK regulators and the Treasury released guidance directing firms to 'double down' on 'core cyber hygiene,' which includes reviewing legacy systems, implementing good detection mechanisms, establishing proper governance, planning recovery procedures, and considering insurance coverage.
The Guardian Technology