All tracked items across vulnerabilities, news, research, incidents, and regulatory updates.
A bug in the Linux kernel's nfsd (NFS server daemon) function nfsd_get_dir_deleg() causes a memory leak where a reference to an nfs4_file object (a data structure tracking NFS file information) is not properly released before the function exits. This leak can consume memory over time and potentially impact system stability.
Fix: Ensure that the reference to "fp" is released before returning from the nfsd_get_dir_deleg() function. The fix is available in kernel commits 0d8362e15aad5b5c1d6a65bb23ac6c45ccf881f3 and 789477b849394afdb60507924d65f7ef18f078ce on kernel.org.
NVD/CVE Database

A bug in the Linux kernel's imx_rproc driver (code that manages remote processors on i.MX chips) caused it to incorrectly report that a resource table (a data structure containing firmware configuration) was loaded even when the firmware didn't actually provide one. This mismatch caused the system to crash when starting firmware without a resource table.
Microsoft is reorganizing its leadership structure following the retirement of executive Rajesh Jha. Ryan Roslansky, who previously led LinkedIn and then Office, is now taking on expanded responsibilities to head a new Work Experiences Group that includes Microsoft Teams, Office, and other products.
AlphaEvolve is a Gemini-powered coding agent (an AI system that writes and optimizes code) that helps design and improve algorithms across science and industry. The system has achieved significant results including improving DNA sequencing accuracy by 30%, increasing electricity grid optimization from 14% to 88%, and enabling quantum computing simulations with 10x lower error rates.
Google Chrome is automatically downloading a large 4GB file called weights.bin (a set of numerical values that power an AI model) to users' computers when certain AI features are enabled, which is unexpectedly consuming significant storage space. This file contains Google's Gemini Nano AI model, which runs Chrome's features like scam detection and writing assistance.
Singular Bank built Singularity, an internal AI assistant powered by ChatGPT and Codex (OpenAI's code-generation model), to help bankers quickly analyze client investment portfolios and prepare communications. The system saves bankers 60-90 minutes daily by automating tasks like portfolio analysis, meeting preparation, and follow-up drafting, allowing them to spend more time advising clients and building relationships.
ChatGPT Futures honors college students from the class of 2026, the first generation to complete college with AI tools like ChatGPT available throughout their education. Rather than using AI to avoid work, these students are using it to build real projects faster, from research tools to accessibility software, demonstrating that AI amplifies human ambition and lowers barriers to turning ideas into tangible outcomes.
Frontier enterprises (those using AI most extensively) now use 3.5x more AI intelligence per worker than typical firms, with the gap driven by deeper, more complex usage rather than just more messages. The key difference is that leading firms use agentic workflows (AI systems that can complete multi-step tasks with minimal human intervention), with frontier companies sending 16x more messages to coding tools like Codex per worker, moving from simple question-answering to delegating substantial work to AI agents.
Uber is using OpenAI's large language models (AI systems trained on massive amounts of text to understand and generate human language) to build Uber Assistant, an AI-powered tool that helps drivers and couriers make better decisions by turning complex marketplace data into simple, real-time guidance. The Assistant reduces cognitive overhead (the mental effort needed to process complicated information) by letting drivers ask questions in plain language about where to earn, how to optimize their time, and understanding platform dynamics, which helps both new and experienced drivers perform better.
OpenAI President Greg Brockman testified in a trial against Elon Musk, denying that he or others made commitments to keep OpenAI as a nonprofit organization. Brockman also revealed that Musk had enlisted OpenAI employees to do unpaid work at Tesla on self-driving technology in 2017, and testified that Musk was a polarizing figure who sometimes discouraged job candidates from joining OpenAI. The lawsuit, filed two years ago, centers on whether OpenAI violated an obligation to remain a nonprofit.
vLLM (a system for running large language models) has a vulnerability where specially crafted text prompts containing multimodal placeholder tokens (sequences that represent images or videos) without actual image or video data cause the system to crash with an IndexError (a programming error when accessing data that doesn't exist). An unauthenticated attacker can send a single malicious request to a vLLM server to trigger a denial of service attack (making the service unavailable), affecting any deployment that runs vision-capable language models.
The `discover_pipeline_files()` function in ciguard (a tool used by AI agents to scan code repositories) followed symlinks (shortcuts that point to other directories) without proper restrictions, allowing an attacker to trick it into reading sensitive files outside the intended scan directory. An AI agent scanning a malicious folder with planted symlinks could accidentally expose secrets from system directories like ~/.aws/ or /etc/.
AVideo has two security flaws in how it protects against SSRF attacks (server-side request forgery, where an attacker tricks a server into fetching URLs they control). First, two endpoints validate URLs using `isSSRFSafeURL()` but then use `file_get_contents()` without disabling PHP's automatic redirect-following, allowing an attacker to bypass protection by redirecting to internal addresses like cloud metadata endpoints. Second, six other callers of `isSSRFSafeURL()` ignore the DNS pinning feature (which locks a hostname to one IP address), leaving them vulnerable to DNS rebinding attacks (where an attacker makes a hostname resolve to different IP addresses in quick succession).
The OpAMP client (a component for managing telemetry agents) reads HTTP responses without limiting how much data it accepts, which could allow an attacker controlling the server to send extremely large responses and exhaust the application's memory, causing it to crash. This vulnerability only affects applications where the OpAMP server is untrusted or could be intercepted by a network attacker.
Fix: Modify imx_rproc_elf_find_loaded_rsc_table() to return NULL when rproc->table_ptr is NULL, so that the function only reports a loaded resource table when a valid table_ptr actually exists. The source states: 'Fix this by returning NULL from imx_rproc_elf_find_loaded_rsc_table() when there is no resource table for the current firmware (i.e. when rproc->table_ptr is NULL).'
NVD/CVE Database

This article is a retrospective review by Dark Reading marking its 20th anniversary, highlighting 20 major news events from the past two decades that have significantly influenced the cybersecurity industry and the threat landscape that security teams face today. The piece spans from Stuxnet (a sophisticated malware attack on industrial systems) to ChatGPT (a large language model AI), showing how the security field has evolved over time.
AI agents are being deployed in enterprises much faster than companies can manage them, creating a visibility problem because traditional identity and access management (IAM, systems that control who can access what) was designed for human users, not continuously-running software agents. About half of enterprise identity activity already happens outside the view of central IAM tools, leaving organizations unable to see what AI agents are operating, what data they access, or what permissions they use. The source describes using observability tools (systems that let you see what's happening) built into applications to discover AI agents and check compliance with security standards like NIST (the National Institute of Standards and Technology).
Fix: The source describes a capability called "Ask Orchid" built into Orchid Security's platform that applies identity observability at the application level to: automatically discover AI agents and their risk profiles, identify where AI agents are not in use for a complete picture, and provide recommended actions for oversight. For compliance checking, the same tool can examine how identity controls are actually implemented inside applications and compare them against NIST requirements.
The Hacker News

AI data poisoning is a security threat where an AI model's training data or information sources become corrupted, causing the system to make decisions based on false information while appearing normal. This can happen through malicious attacks, but more often organizations poison their own systems by feeding AI models data from multiple conflicting sources like outdated files and incompatible databases. Unlike traditional cyberattacks that trigger visible alarms, poisoning is dangerous because no obvious damage appears, yet the AI produces plausible but incorrect answers affecting business decisions.
OpenAI trains ChatGPT using various data sources, including publicly available internet content and user conversations, to help the model learn broad knowledge and perform better. To protect privacy, OpenAI uses Privacy Filter (a tool that identifies and masks personal information in text) at multiple stages of training, and gives users control over their data through settings like the ability to disable model training, use temporary chats that auto-delete after 30 days, and manage or delete their account information.
Fix: OpenAI has implemented Privacy Filter, which identifies and masks personal information in text at multiple stages in the training process. Users can disable model training by going to Settings, then Data Controls, and turning off 'Improve the model for everyone.' Alternatively, users can use Temporary Chat (which does not appear in chat history, does not create memories, and is not used to train models, with conversations deleted after 30 days). Users can also review, edit, or delete saved memories, export their data, delete their account, or submit privacy requests through the privacy request portal.
OpenAI Blog
Palo Alto Networks PAN-OS has a critical vulnerability in its User-ID Authentication Portal (a service that authenticates users trying to access the network) that allows unauthenticated attackers to write data outside the intended memory bounds (out-of-bounds write), potentially letting them run any code with root privileges on firewalls. This vulnerability is currently being actively exploited by attackers in real-world attacks.
Fix: Until an official fix is released, implement these workarounds: restrict User-ID Authentication Portal access to only trusted zones, or disable the User-ID Authentication Portal entirely if it is not needed. If mitigations are unavailable, discontinue use of the product. Apply mitigations per vendor instructions or follow applicable BOD 22-01 guidance for cloud services.
CISA Known Exploited Vulnerabilities

Fix: Fixed in v0.8.2 and v0.8.3. The patch adds a new `follow_symlinks: bool = False` parameter to `discover_pipeline_files()` that refuses to descend into symlinked directories or files by default. Additionally, all results are filtered to verify their resolved paths lie under the requested root directory, even if callers enable symlink following.
GitHub Advisory Database

Fix: The source describes a safe implementation in `objects/functions.php`, `url_get_contents()`: disable auto-redirect with `['http' => ['follow_location' => 0]]`, manually loop through redirects (max 5 hops), and re-validate each redirect target by calling `isSSRFSafeURL()` on it before following. For DNS rebinding, the source indicates callers should capture and use the `$resolvedIP` out-parameter from `isSSRFSafeURL()` with `CURLOPT_RESOLVE` when fetching, as demonstrated by the one correctly-implemented caller `plugin/LiveLinks/proxy.php`.
GitHub Advisory Database

Fix: Update to the patched version: pull request #4116 updates the OpAMP client HTTP transport to limit the maximum size of responses to 128KB, preventing unbounded memory consumption.
GitHub Advisory Database