GovInfoSecurity

Grafana AI Bug Leaks Data With Zero-Click Exploit

A Grafana AI flaw enables zero-click data exfiltration by hiding malicious prompts in URLs, said a Noma Security report.
The Hacker News

⚡ Weekly Recap: Fiber Optic Spying, Windows Rootkit, AI Vulnerability Hunting and More

Stay ahead of the logs with our Monday Recap. We break down active Adobe 0-days, North Korean crypto stings, and critical CVEs you need to patch today ...
Financial News

Google Fixes Fourth Actively Exploited Chrome Zero-Day in a Single Month

Security researchers have discovered a specific type of alert that they can decipher from a Google advisory. The language is nearly clinical and always measured. “Google is aware that an exploit for ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
Bleeping Computer

GitHub adds AI-powered bug detection to expand security coverage

GitHub is adopting AI-based scanning for its Code Security tool to expand vulnerability detections beyond the CodeQL static analysis and cover more languages and frameworks. The developer ...
The Hacker NewsOpinion

Project Glasswing Proved AI Can Find the Bugs. Who's Going to Fix Them?

Last week, Anthropic announced Project Glasswing, an AI model so effective at discovering software vulnerabilities that they ...

Mozilla uses Anthropic's Mythos to uncover 271 bugs in Firefox 150

The result, in the view of Firefox CTO Bobby Holley, marks a decisive shift in the long-running asymmetry between attackers ...

Mozilla Fixes 271 Firefox Bugs Using Anthropic’s Mythos AI

Mozilla says Firefox 150 patches 271 vulnerabilities found with Anthropic’s restricted Mythos AI, highlighting how quickly AI ...
The Next Web

Mozilla patched 271 Firefox bugs found by Anthropic’s Mythos, and says the zero-day era has an expiration date

Firefox 150 ships 271 bug fixes found by Claude Mythos Preview. Mozilla says the defects are finite. The UK AI Security Institute says the model can also attack autonomously.

AI's ability to find major software bugs is growing 490% year on year

The Zero Day Initiative, the largest vendor-agnostic bug bounty program in the world, has already seen a 490 percent increase ...