CISA tells feds to patch 13-year-old Apache ActiveMQ bug
Security CISA tells feds to patch 13-year-old Apache ActiveMQ bug under active attack Bug hiding in plain sight for over a decade lands on KEV list CISA is sounding the…
Search
AI agents found vulns in this Linux and Unix print server
…Linux and Unix print server CUPS server shown spilling out remote code execution and root access In the latest chapter on leaky CUPS, a security researcher and his band of bug-hunting…
AI vendors' response to security flaws: It wasn't me
…The three agents are Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and Microsoft's GitHub Copilot, and all three vendors paid out bug bounties for the discoveries. Anthropic…
Anthropic, Google, Microsoft paid AI bug bounties – quietly
…The researchers targeted Anthropic's Claude Code Security Review, Google's Gemini CLI Action, and Microsoft's GitHub Copilot, then disclosed the flaws and received bug bounties from all three. But none…
Ancient Excel bug comes out of retirement for active attacks
…It can be used to deceive employees, partners, or customers by presenting falsified information within trusted SharePoint environments." ® patches excel cybersecurity and infrastructure security agency vulnerability security
Linux 7.0 debuts as Linus Torvalds ponders AI's impact
…GKH also last week made a pull request that delivered what he described as “some documentation updates to the security-bugs.rst file to hopefully tell the AI tools (and any users…
Google rushes Chrome update to fix zero-days under attack
Patches Google rushes Chrome update fixing two zero-days already under attack Skia graphics lib and V8 JavaScript engine brings browser's tally of actively exploited bugs to three in 2026 Google…
Linux kernel czar says AI bug reports aren't slop anymore
…generated bug reports and security findings – at least now they're real bugs and not garbage ones. Behind the scenes, security teams are comparing notes. "We get together informally and talk a…
Using AI to code does not mean your code is more secure
…It has more than 300 security advisories and appears to have been heavily vibe-coded, but most AI traces have been stripped away. We can only confidently confirm around 20 cases with…
Lovable denies data leak, cites 'intentional behavior'
…any user could have changed their project from public to private at any time. “ And chats from public projects are no longer visible - for anyone,” they added. security ai bug bounty hackerone