AI security Archives • Page 2 of 5 • Daily CyberSecurity

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines CVE-2026-33626 LMDeploy SSRF

CVE-2026-33626: High-Severity SSRF Exploited in the Wild to Hijack AI Inference Engines

Do Son April 23, 2026

On April 21, 2026, a high-severity Server-Side Request Forgery (SSRF) vulnerability was disclosed in LMDeploy, a popular...

Critical 9.8 RCE Threat to SGLang AI Infrastructure SGLang RCE Vulnerability CVE-2026-7301 Zero-Day SGLang RCE AI Infrastructure Vulnerability

SGLang RCE Vulnerability CVE-2026-7301 Zero-Day SGLang RCE AI Infrastructure Vulnerability

Critical 9.8 RCE Threat to SGLang AI Infrastructure

Do Son April 21, 2026

A critical remote code execution (RCE) vulnerability has been uncovered in SGLang, a popular open-source framework used...

Paperclip Unclipped: The 9.8 CVSS Flaw Handing Your AI Agents to the Public Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Paperclip Unclipped: The 9.8 CVSS Flaw Handing Your AI Agents to the Public

Do Son April 20, 2026

In the rapidly expanding frontier of AI-driven business, Paperclip has emerged as a sleek Node.js and React-based...

CVE-2026-4810: Critical 9.3 RCE Flaw Hits Google’s AI Agent Development Kit Google ADK Vulnerability AI Agent RCE

CVE-2026-4810: Critical 9.3 RCE Flaw Hits Google’s AI Agent Development Kit

Do Son April 14, 2026

A recently disclosed vulnerability in Google’s Agent Development Kit (ADK) serves as a stark reminder that even...

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances Paperclip RCE AI Agent Security Paperclip RCE Cross-Tenant AI Takeover

Maximum Severity RCE Vulnerability Decimating Paperclip AI Instances

Do Son April 14, 2026

Paperclip—a Node.js and React-based platform—has become a popular choice for businesses looking to deploy teams of AI...

LiteLLM Under Fire: Triple Threat Vulnerabilities Expose AI Gateways to Total Takeover LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

LiteLLM SQL Injection CVE-2026-42208 LiteLLM Vulnerability AI Infrastructure Security

LiteLLM Under Fire: Triple Threat Vulnerabilities Expose AI Gateways to Total Takeover

Do Son April 13, 2026

LiteLLM, the popular open-source library used to provide a unified interface for over 100 Large Language Models...

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026) Vulnerability Digest Active Exploitation

The CVE Watchtower: Weekly Threat Intelligence Briefing (April 6 – April 12, 2026)

Do Son April 13, 2026

Welcome to this week’s vulnerability digest. As we close out the first full week of April, security...

High-Severity Patches: NVIDIA Secures DALI and Triton Inference Server NVIDIA AI Security Deserialization Exploit

High-Severity Patches: NVIDIA Secures DALI and Triton Inference Server

Do Son April 8, 2026

NVIDIA has released two significant security updates addressing high-severity vulnerabilities across its DALI and Triton Inference Server...

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI Vertex AI Security AI Double Agents

Double Agents in the Cloud: Unit 42 Unmasks Critical AI Vulnerabilities in Google Vertex AI

Do Son April 6, 2026

As organizations race to integrate autonomous systems into their workflows, a new and subtle threat is emerging...

ChatGPT Lockdown Mode OpenAI OpenClaw acquisition OpenAI Prism GPT-5.2 LaTeX, scientific research AI workspace OpenAI, Mixpanel Breach ChatGPT Data Preservation, NYT Lawsuit ChatGPT Apps SDK, super app OpenAI Jony Ive, AI Hardware Delay Musk Apple lawsuit, App Store antitrust UK AI Partnership, OpenAI Collaboration Jony Ive OpenAI, DoD Contract OpenAI Lawsuit, ChatGPT Privacy North Korea ChatGPT - GPT-4.5 model OpenAI Models, AI Advancements OpenAI pricing, Flex API

The DNS Trap: How a “Hidden” Path Allowed ChatGPT to Silently Leak Your Private Data

Do Son April 6, 2026

In the world of AI, trust is built on a simple, unspoken agreement: what stays in the...

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 30 – April 5, 2026) Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

Vulnerability Digest Zero-Day Exploits Seedworm APT Dindoor Backdoor RedKitten Campaign AI-Generated Malware WSUS RCE ShadowPad CVE-2025-59287

The CVE Watchtower: Weekly Threat Intelligence Briefing (March 30 – April 5, 2026)

Do Son April 6, 2026

Welcome to this week’s vulnerability digest. Whether you are a CISO charting out your risk management roadmap...

The $17 Million Bounty: Google Smashes Records and Launches AI Frontier for 15th VRP Anniversary Google VRP 2025 Bug Bounty Records

The $17 Million Bounty: Google Smashes Records and Launches AI Frontier for 15th VRP Anniversary

Do Son April 5, 2026

In an era of increasingly complex digital threats, Google’s strategy of “inviting the world to find its...

“ChatGPT Ad Blocker” Extension Caught Harvesting Your Private Conversations ChatGPT Ad Blocker OpenAI Malware

“ChatGPT Ad Blocker” Extension Caught Harvesting Your Private Conversations

Do Son April 2, 2026

As OpenAI shifts toward serving advertisements to users on its free tier, a new wave of opportunistic...

The May Inquisition: UK Regulators to Probe if Microsoft’s “AI Super-Ecosystem” is Stifling the Cloud Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

Microsoft Strategic Market Status investigation Dell CES 2026 AI PC marketing, Microsoft Copilot+ PC consumer apathy Microsoft AI Sales Quota Enterprise AI Demand Edge Copilot, AI browsing

The May Inquisition: UK Regulators to Probe if Microsoft’s “AI Super-Ecosystem” is Stifling the Cloud

Do Son April 2, 2026

The United Kingdom’s Competition and Markets Authority (CMA) has once again trained its regulatory magnifying glass upon...

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA FLARE Vulnerability Federated Learning Security NVIDIA Jetson Linux Edge AI Security BioNeMo Vulnerability Insecure Deserialization NVIDIA RTX 50 Super delay NVIDIA Nsight Vulnerability Merlin Transformers4Rec NVIDIA AI Bubble $57 Billion Revenue H20 AI chip NVIDIA earnings Blackwell AI Nvidia DGX-1 Vulnerabilities CVE-2024-0143 NVIDIA Linux Gaming, VKD3D Performance

NVIDIA Patches High-Severity “Insecure Deserialization” Flaws in BioNeMo Framework

Do Son April 1, 2026

NVIDIA has issued an important security update for its BioNeMo Framework, a critical tool used by researchers...

The 8,100-Repo Wipeout: Anthropic’s Sisyphean Battle to Scrub Claude Code from the Internet Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

Fiverr Data Leak Claude Code Leak Anthropic DMCA Takedown Coupang 33.7M Breach South Korea Data Leak Red Hat Breach, Customer Data Theft Farmers Insurance, Salesforce ESLint Plugin -Mamont Android banking Trojan

The 8,100-Repo Wipeout: Anthropic’s Sisyphean Battle to Scrub Claude Code from the Internet

Do Son April 1, 2026

Yesterday, the acclaimed artificial intelligence development tool, Claude Code, inadvertently exposed its proprietary source code. Current intelligence...

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection CrewAI Vulnerabilities AI Agent Security

Critical CrewAI Vulnerabilities Allow RCE and Sandbox Escapes via Prompt Injection

Do Son March 31, 2026

The rapidly growing field of multi-agent AI systems has hit a significant security speed bump. A new...

Google Drive Deploys AI-Powered Ransomware Shields for All Users Google Drive ransomware detection

Google Drive Deploys AI-Powered Ransomware Shields for All Users

Do Son March 31, 2026

In September 2025, Google unveiled experimental ransomware detection and file restoration capabilities to a select cohort of...

GhostClaw Rising: AI-Assisted Malware Campaign Targets macOS via Malicious GitHub Repos GhostClaw Malware GitHub Supply Chain

GhostClaw Rising: AI-Assisted Malware Campaign Targets macOS via Malicious GitHub Repos

Do Son March 26, 2026

Jamf Threat Labs has released a new report detailing the evolution of GhostClaw, a sophisticated malware campaign...

NVIDIA acquisition rumors NVIDIA AI Security AI Framework Vulnerabilities Nvidia 595.76 Hotfix NVIDIA Megatron Bridge vulnerability GPU vs ASIC AI battle NVIDIA Driver Vulnerability CVE-2025-33217 NVIDIA biggest TSMC customer 2026, NVIDIA vs Apple TSMC revenue share NVIDIA CUDA Toolkit CVE-2025-33228 Groq NVIDIA licensing deal, Jonathan Ross acquihire 2025 NeMo Code Injection, AI Framework RCE NVIDIA App Privilege Escalation, CVE-2025-23358 NVIDIA Security Update, DLS Vulnerability CVE-2025-23316 NVIDIA NVDebug, vulnerabilities NVIDIA Driver Vulnerabilities, vGPU Security Nvidia Jetson, UEFI Vulnerabilities CVE-2024-0130 - CVE-2024-0136 CVE-2024-0148 NVIDIA Driver Support, Windows 10 EOL

NVIDIA Patches Critical RCE and DoS Flaws Across ML Frameworks

Do Son March 26, 2026

NVIDIA has released a series of critical software updates to address high-severity vulnerabilities across its core AI...

Critical Alert