All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
The Azure authentication extension in OpenTelemetry Collector has a critical flaw where it compares bearer tokens (credentials that prove you are who you claim to be) as plain text strings instead of validating them as JWTs (JSON Web Tokens, a standard secure token format). This allows attackers who obtain a valid Azure token to reuse it indefinitely by setting the correct Host header, bypassing authentication entirely.
Anthropic's CEO reported that the company experienced 80-fold growth in revenue and usage during the first quarter, far exceeding their planned 10-fold growth, which has created severe strain on their computing infrastructure. To address the shortage, Anthropic signed a deal with SpaceX to access over 300 megawatts of computing capacity from the Colossus 1 data center in Memphis, Tennessee, and is working to increase capacity through other agreements including a multibillion-dollar deal with Amazon.
A critical authentication bypass vulnerability in the `fast-jwt` library allows attackers to forge valid JSON Web Tokens (JWTs, a standard format for securely transmitting user information) when an asynchronous key resolver function returns an empty string. The library incorrectly accepts an empty HMAC (a cryptographic signature method) secret and allows attackers to compute valid signatures with the empty key, bypassing authentication entirely on versions up to 6.2.3.
Snap reported first-quarter earnings that met revenue expectations but provided cautious guidance for the next quarter, partly due to ending its $400 million partnership with Perplexity (a generative AI startup that creates search engines). The company also cited uncertainty from the geopolitical situation in the Middle East as a factor affecting its sales outlook.
PraisonAI contains an unauthenticated remote code execution (RCE, where an attacker can run arbitrary commands on a server) vulnerability in the `tool_override.py` file that was missed during a previous security patch (CVE-2026-40287). An attacker can trigger this by sending a POST request to `/v1/recipes/run` with a malicious recipe, causing the server to execute a `tools.py` file without any authentication or security checks. The vulnerability affects version 4.6.31 and other recent versions.
In vLLM versions 0.18.0 through 0.19.1, a bug in the `extract_hidden_states` speculative decoding proposer (a component that predicts tokens ahead of time to speed up AI inference) causes the server to crash when any request includes sampling penalty parameters like `repetition_penalty`. The crash happens because the proposer returns a tensor (multi-dimensional array) with the wrong shape after the first step, causing a shape mismatch error when penalties are applied.
Google has shut down Project Mariner, an experimental AI feature that could automatically perform tasks for users across the web, as of May 4th, 2026. The company stated that the technology has been integrated into other Google AI products, particularly Gemini Agent (an AI that can perform multiple actions autonomously). Project Mariner was originally announced in December 2024 and could handle up to 10 tasks at once before being discontinued.
This article discusses political developments around AI policy in the White House, specifically reporting that the administration was considering government review of AI models before their release. The piece appears to analyze shifts in policy direction related to AI regulation and governance.
This article reports on testimony from Shivon Zilis, a former OpenAI board member, in a lawsuit where Elon Musk is trying to reverse OpenAI's shift to a for-profit company structure. Zilis, who has worked across multiple Musk companies and served as an OpenAI advisor and director, revealed details about her personal relationship with Musk, including that he offered to father her children in 2020, which resulted in four children together. The article discusses potential conflicts of interest, as OpenAI leaders claim they trusted Zilis to manage the conflict of interest (a situation where someone's personal relationships or financial stakes could bias their decisions) created by her relationships with both Musk and OpenAI.
AWS has released a compliance guide for ISO/IEC 42001:2023, which is an international standard for managing AI systems responsibly. The guide helps organizations design and operate an AI Management System (AIMS, a set of policies and controls for governing AI) on AWS by mapping the standard's requirements to specific AWS services and explaining how to collect evidence for compliance audits. While AWS provides secure infrastructure and tools, organizations remain responsible for defining their own AI governance scope, implementing the required controls, and proving they meet the standard during certification.
Mira Murati, OpenAI's former Chief Technology Officer (CTO, a senior technical leader), testified in court that CEO Sam Altman lied to her about whether a new AI model needed safety review before being released to users. Murati stated under oath that Altman falsely claimed the legal department had approved skipping the company's safety review process, when this was not true.
Craft CMS has a security flaw in its GraphQL Address resolver that fails to properly filter which addresses a user can access. A GraphQL API token (a credential that grants limited access to the API) scoped to read only one user group can retrieve addresses from all user groups, exposing sensitive personal information like names, addresses, tax IDs, and organization details that should be hidden from that token.
Anthropic announced a deal with SpaceX to use over 300 megawatts of compute capacity (computing power) from SpaceX's Colossus 1 data center in Memphis, Tennessee, with plans to develop gigawatts of capacity in space. This agreement aims to improve service for Anthropic's paid Claude Pro and Claude Max subscribers, following the company's recent statement that demand has strained its infrastructure and affected reliability during peak hours.
Nginx-UI's GetSettings API endpoint returns all configuration settings to authenticated users, including 40+ sensitive fields marked as protected (like JwtSecret for forging auth tokens, NodeSecret for impersonating cluster nodes, and OIDC ClientSecret for OAuth takeover). The protection mechanism only works when saving settings, not when reading them, because the custom `protected:"true"` tag is ignored by Go's JSON serialization.
This live blog covers Anthropic's Code w/ Claude 2026 event, where the company announced increased rate limits for developers, a partnership with SpaceX to use their Colossus data center for capacity, and three new Claude Managed Agents features: multi-agent orchestration (coordinating multiple AI agents to work together), outcomes-based iteration (setting success criteria for agents to achieve), and "Dreaming" (where agents review past sessions to self-improve). The blog notes that API volume has grown 17x year-over-year and highlights the importance of tool use, long context windows (allowing AI to process more information), and agentic loops (repeated cycles of agent reasoning and action) in modern AI development.
WiseTech, a logistics software company, announced in February that it would cut 2,000 jobs due to advances in AI, but three months later employees still don't know which positions will be eliminated. The company's founder claimed that AI agents could learn human jobs in just 15 minutes, leaving workers stressed about the prolonged uncertainty.
Alpha Linux systems experience random user-space crashes and memory corruption when memory compaction (a process that reorganizes memory to reduce fragmentation) is enabled, with symptoms including segmentation faults and heap errors. The problem stems from incomplete TLB shootdown (flushing stale memory address translations across processors) during page migration, which Alpha's standard cache coherency method cannot fully prevent. The fix introduces a specialized migration helper that combines MM context invalidation, immediate per-CPU TLB flushing, and cross-CPU synchronization, along with updates to other memory functions for correct multi-processor memory ordering.
Fix: Anthropic is working as quickly as possible to provide more computing capacity and will pass that compute on to users as soon as possible. The company has inked several compute deals in recent weeks, including a deal with SpaceX for over 300 megawatts of capacity at the Colossus 1 data center and a multibillion-dollar agreement with Amazon.
CNBC Technology
Fix: The source text does not provide an explicit patch version, code fix, or mitigation strategy. N/A -- no mitigation discussed in source.
GitHub Advisory Database
Fix: Fixed in vLLM v0.20.0 (PR #38610) by slicing the return value to `sampled_token_ids[:, :1]` to ensure the correct shape. If upgrading is not possible, either avoid using `extract_hidden_states` as the speculative decoding method, or strip penalty parameters (`repetition_penalty`, `frequency_penalty`, `presence_penalty`) from incoming requests at an API gateway before they reach vLLM.
GitHub Advisory Database
Fix: The guide provides implementation guidance including: mapping ISO 42001:2023 clauses 4-10 and Annex A controls to AWS services; recommendations for evidence collection, documentation, and audit readiness using AWS native tooling; and best practices for operationalizing AI compliance activities through automation and infrastructure-as-code. Organizations are directed to download the full ISO/IEC 42001:2023 on AWS Compliance Guide and contact AWS Security Assurance Services for further assistance.
AWS Security Blog
Modern security operations centers (SOCs, teams that monitor and respond to cyber attacks) are shifting from rule-based automation to AI-driven automation that helps human analysts make better decisions faster. Microsoft was named a leader in this space for evolving its security tools, including features like automatic attack response, AI-powered phishing detection, incident prioritization, and AI agents that can reason across multiple security signals and assist analysts with decision-making.
Simon Willison discusses how vibe coding (using AI to generate code without understanding or reviewing it) and agentic engineering (using AI tools while maintaining professional standards and code quality) are becoming harder to distinguish in practice. As AI coding tools become more reliable, even experienced engineers like Willison find themselves not reviewing all AI-generated code in production systems, which blurs the line between the two approaches and raises questions about responsible software development.
Model Inversion Attacks (MIAs, where attackers recover private training data by accessing a model's weights or outputs) pose serious privacy risks, and existing defenses don't protect well against attackers with different levels of knowledge. The paper proposes DAAS (Defense via Auto-Augmentation Search), which automatically finds the best combinations of data augmentation (transformations like cropping applied to images) that balance privacy protection and model usefulness better than current methods.
Fix: The source proposes DAAS (Defense via Auto-Augmentation Search), which automatically assesses and identifies augmentation candidates with strong privacy-utility trade-offs from a large augmentation pool. The final search results can then be leveraged for privacy-preserving training against MIAs.
IEEE Xplore (Security & AI Journals)
Fix: Introduce a migration-specific helper that combines: MM context invalidation (ASN rollover), immediate per-CPU TLB invalidation (TBI), and synchronous cross-CPU shootdown when required. Additionally, update flush_tlb_other() and pte_clear() to use READ_ONCE()/WRITE_ONCE() for correct SMP memory ordering.
NVD/CVE Database