249 matches found

Packet Storm News
added 3 days ago, 2 views

Learn from Your Mistakes: Tree-Like Self-Play for Secure Code LLMs

While Large Language Models (LLMs) excel in code generation, they remain prone to replicating subtle yet critical vulnerabilities endemic to their training data. Current alignment techniques, such as Supervised Fine-Tuning (SFT) and Reinforcement Learning (RL), typically apply coarse-grained optimizati...

AI score: 5.9
Exploits: 0
Snyk
added 2026/05/27 5:41 p.m., 4 views

Incorrect Authorization

Overview twig/twig is a flexible, fast, and secure template language for PHP. Affected versions of this package are vulnerable to Incorrect Authorization via cached template security decisions in the sandbox implementation. An attacker can bypass sandbox filter, tag, and function restrictions...

CVSS: 6, AI score: 5.9
Exploits: 0, References: 2
The Hacker News
added 2026/05/20 5:06 p.m., 16 views

Microsoft Open-Sources RAMPART and Clarity to Secure AI Agents During Development

Microsoft has unveiled two new open-source tools called RAMPART and Clarity to assist developers in better testing the security of artificial intelligence (AI) agents. RAMPART, short for Risk Assessment and Measurement Platform for Agentic Red Teaming, functions as a Pytest-native safety and securi...

AI score: 5.8
Exploits: 0
AstraLinux
added 2026/05/20 5:53 a.m., 3 views

Astra Linux - vulnerability in qtbase-opensource-src

An issue was discovered in HTTP2 in Qt before 5.15.18, 6.x before 6.2.13, 6.3.x through 6.5.x before 6.5.7, and 6.6.x through 6.7.x before 6.7.3. Code that makes security-related decisions regarding established connections may execute prematurely, because the encrypted signal has not yet been...

CVSS: 8.6, AI score: 7.3, EPSS: 0.00205
Exploits: 0, References: 2
AstraLinux
added 2026/05/20 5:53 a.m., 1 view

Astra Linux - vulnerability in golang-1.19

The ParseAddressList function improperly handles comment text within parentheses within display names. Since this contradicts conforming address parsers, it can lead to different trust decisions being made by programs that use different parsers...

CVSS: 7.5, AI score: 6.8, EPSS: 0.02017
Exploits: 0, References: 2
The Hacker News
added 2026/05/12 10:30 a.m., 11 views

Why Agentic AI Is Security's Next Blind Spot

Agentic AI is already running in production environments across many organizations today. It is executing tasks, consuming data, and taking actions — most likely without meaningful involvement from the security team. The industry conversation has largely framed this as a question of policy: allow...

AI score: 5.8
Exploits: 0
Packet Storm News
added 2026/05/06 12:00 a.m., 3 views

AgentTrust: Runtime Safety Evaluation and Interception for AI Agent Tool Use

Modern AI agents execute real-world side effects through tool calls such as file operations, shell commands, HTTP requests, and database queries. A single unsafe action, including accidental deletion, credential exposure, or data exfiltration, can cause irreversible harm. Existing defenses are...

AI score: 6.1
Exploits: 0
CVE
added 2026/05/01 8:34 p.m., 10 views

CVE-2026-39807

The CVE describes a vulnerability in Bandit (Elixir) where the function Elixir.Bandit.Pipeline:determine_scheme/2 returns the client-supplied URI scheme verbatim, ignoring the transport’s secure flag. On plaintext TCP, a client can declare https and Bandit will set conn.scheme = :https even witho...

CVSS: 6.3, AI score: 5.8, EPSS: 0.00026
Exploits: 0, References: 4
HackRead
added 2026/04/30 2:48 p.m., 2 views

Managed vs Self-Managed Cloud Hosting: Choosing the Best Option for Your Business

As more businesses relocate their operations to the cloud, one important decision arises: should you choose managed or…...

AI score: 5.3
Exploits: 0
Packet Storm News
added 2026/04/28 12:00 a.m., 1 view

MARD: A Multi-Agent Framework for Robust Android Malware Detection

With the rapid evolution of Android applications, traditional machine learning-based detection models suffer from concept drift. Additionally, they are constrained by shallow features, lacking deep semantic understanding and interpretability of decisions. Although Large Language Models (LLMs)...

AI score: 5.7
Exploits: 0
Positive Technologies
added 2026/04/28 12:00 a.m., 2 views

PT-2026-35774

Name of the Vulnerable Software and Affected Versions: OpenClaw versions prior to 2026.3.28. Description: An exec allowlist bypass exists where allow-always persistence fails to unwrap /usr/bin/script and similar wrappers before storing trust decisions. This allows attackers to obtain user approval...

CVSS: 7.3, AI score: 5.9, EPSS: 0.00026
Exploits: 0, References: 5
Packet Storm News
added 2026/04/25 12:00 a.m., 2 views

Architecture Matters for Multi-Agent Security

Multi-agent systems (MAS), composed of networks of two or more autonomous AI agents, have become increasingly popular in production deployments, yet introduce security risks that do not arise in single-agent settings. Even if individual agents exhibit robust security, architectural decisions...

AI score: 5.4
Exploits: 0
OSV
added 2026/04/07 6:05 p.m., 2 views

GHSA-JWVJ-G8PC-CX45 OpenFGA's BatchCheck within-request deduplication produces incorrect authorization decisions via list-value cache-key collision

Description: In OpenFGA, under specific conditions, BatchCheck calls with multiple checks sent for the same object, relation, and user combination can result in improper policy enforcement. Am I affected? You are affected if you meet the following preconditions: 1. You execute BatchCheck operation...

CVSS: 5, AI score: 5.9, EPSS: 0.00019
Exploits: 0, References: 3
Packet Storm News
added 2026/04/07 12:00 a.m., 1 view

From Incomplete Architecture to Quantified Risk: Multimodal LLM-Driven Security Assessment for Cyber-Physical Systems

Cyber-physical systems often contend with incomplete architectural documentation or outdated information resulting from legacy technologies, knowledge management gaps, and the complexity of integrating diverse subsystems over extended operational lifecycles. This architectural incompleteness...

AI score: 5.8
Exploits: 0
CVE
added 2026/04/03 11:59 p.m., 11 views

CVE-2026-34778

Electron: Service worker spoof IPC replies flaw allows a session service worker to spoof internal IPC replies used by webContents.executeJavaScript, causing the main-process promise to resolve with attacker-controlled data. Affected only if service workers are registered and the result of execute...

CVSS: 6.5, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 1, Affected Software: 1
Vulnrichment
added 2026/04/03 11:59 p.m., 1 view

CVE-2026-34778 Electron: Service worker can spoof executeJavaScript IPC replies

Electron is a framework for writing cross-platform desktop applications using JavaScript, HTML and CSS. Prior to versions 38.8.6, 39.8.1, 40.8.1, and 41.0.0, a service worker running in a session could spoof reply messages on the internal IPC channel used by webContents.executeJavaScript and...

CVSS: 5.9, AI score: 5.8, EPSS: 0.00006
Exploits: 0, References: 1
Github Security Blog
added 2026/04/03 2:44 a.m., 4 views

Electron: Service worker can spoof executeJavaScript IPC replies

Impact: A service worker running in a session could spoof reply messages on the internal IPC channel used by webContents.executeJavaScript and related methods, causing the main-process promise to resolve with attacker-controlled data. Apps are only affected if they have service workers registered...

CVSS: 6.5, AI score: 5.9, EPSS: 0.00006
Exploits: 0, References: 3, Affected Software: 1
OSV
added 2026/04/03 2:44 a.m., 2 views

GHSA-XJ5X-M3F3-5X3H Electron: Service worker can spoof executeJavaScript IPC replies

Impact: A service worker running in a session could spoof reply messages on the internal IPC channel used by webContents.executeJavaScript and related methods, causing the main-process promise to resolve with attacker-controlled data. Apps are only affected if they have service workers registered...

CVSS: 5.9, AI score: 6, EPSS: 0.00006
Exploits: 0, References: 3
OSV
added 2026/03/31 11:59 p.m., 0 views

GHSA-6PFC-6M7W-M8FX OpenClaw has a gateway exec allowlist allow-always bypass via unregistered /usr/bin/script wrapper

Summary: Allow-always persistence did not unwrap /usr/bin/script and similar wrappers to the actual executed target before storing trust decisions. Impact: A user approval for one wrapped command could persist trust for a wrapper binary that later executed a different underlying program. Affected...

CVSS: 7.3, AI score: 5.9, EPSS: 0.00026
Exploits: 0, References: 4
Malwarebytes
added 2026/03/31 7:40 p.m., 2 views

Asking AI for personal advice is a bad idea, Stanford study shows

Stanford computer scientists just proved what therapists already suspected: AI chatbots will agree with almost anything you say to keep you happy. The researchers caught these systems validating dangerous decisions just to maintain user engagement. That's a worrying development, especially given...

AI score: 5.9
Exploits: 0