Claude Code bypasses safety rule if given too many commands
…After this story was filed, Adversa said that the vulnerability appears to have been fixed without notice in the newly released Claude Code v2.1.90 . ai security development claude ai and…
Search
Firefox finds a slew of new bugs with Claude's help
…vulnerabilities (CVE-2026-2796). "To be clear, the exploit that Claude wrote only works within a testing environment that intentionally removes some of the security features of modern web browsers," explained security…
Anthropic's Project Glasswing CVE count is still guesswork
…He also suggested that Anthropic "create a dedicated security advisory page where security advisories and vulnerability disclosures were published in a consistent way, to provide a way for consumers to understand the…
AI slop got better, so now maintainers have more work
…demand upon maintainers who have to evaluate more plausible vulnerability reports. "Over the last few months, we have stopped getting AI slop security reports in the curl project," said Daniel Stenberg, founder…
AI agents found vulns in this Linux and Unix print server
…Asim Viladi Oglu Manizada and his team of vulnerability hunting agents recently discovered two issues in CUPS, CVE-2026-34980 and CVE-2026-34990, and the SpaceX security engineer said he was…
Ancient Excel bug comes out of retirement for active attacks
…It can be used to deceive employees, partners, or customers by presenting falsified information within trusted SharePoint environments." ® patches excel cybersecurity and infrastructure security agency vulnerability security
Ransomware crims abused Cisco 0-day weeks before disclosure
…The critical security flaw allows an unauthenticated, remote attacker to execute arbitrary Java code as root on vulnerable devices. Cisco released software updates that fix the vulnerability on March 4 – but the…
CISA tells feds to patch 13-year-old Apache ActiveMQ bug
…its Known Exploited Vulnerabilities (KEV) catalog on Thursday, triggering a Binding Operational Directive (BOD) 22-01 deadline that gives Federal Civilian Executive Branch agencies until April 30 to fix their systems or…
Lightning-fast exploits mean patch fast, says Cisco Talos
…Uncle Sam backs out, and AI agents are everywhere Ex-CISA head thinks AI might fix code so fast we won't need security teams Protecting democracy means democratizing cybersecurity. Bring on…
Claude Opus wrote a Chrome exploit for $2,283
…He also argues that security patches should be done automatically, so people aren't left vulnerable because they forgot to accept an update. And he says open source projects like V8 use…