Mastodawn

Meta confirms 20,000+ Instagram accounts compromised April-June 2026 via AI chatbot account recovery bug email verification

#cybersecurity #meta #instagram #aivulnerability #securityengineering

https://radarkilat.com/en/article/meta-ai-chatbot-vulnerability-20-000-instagram-accounts-compromised-via-account-recovery-bug

Analyst207 May 20

Claude AI Exposes Unaddressed Vulnerability in Sandbox Environment

A recent report by The Register revealed that a significant vulnerability in the Claude AI sandbox environment went unaddressed, leaving users exposed to potential risks. The issue was quietly fixed without a public disclosure or CVE assignment, sparking concerns about transparency in AI security.

https://osintsights.com/claude-ai-exposes-unaddressed-vulnerability-in-sandbox-environment?utm_source=mastodon&utm_medium=social

#AiVulnerability #ClaudeAi #SandboxEnvironment #EmergingThreats #UnpatchedVulnerability

Claude AI Exposes Unaddressed Vulnerability in Sandbox Environment

Discover the unaddressed vulnerability in Claude AI's sandbox environment and learn how to protect yourself - Read the full report now and stay secure.

OSINTSights

Scott McCarty Apr 10

Red Hat on the Mythos era: "Open source is the baseline for innovation, and we intend to keep this foundation strong."

AI is discovering vulnerabilities at scale. Red Hat Product Security triages them with context — ASLR, SELinux, and decades of upstream expertise. Context beats panic.

https://www.redhat.com/en/blog/navigating-mythos-haunted-world-platform-security

#OpenSource #PlatformSecurity #RHEL #AIVulnerability #CyberSecurity

Ars Technica News Aug 27, 2025

New AI browser agents create risks if sites hijack them with hidden instructions https://arstechni.ca/5aGQ #computerusemodel #promptinjections #AIvulnerability #browsersecurity #Chromeextension #machinelearning #SimonWillison #webbrowsers #AIsecurity #agenticAI #Anthropic #AIagents #AIsafety #Biz&IT #Claude #AI

Anthropic’s auto-clicking AI Chrome extension raises browser-hijacking concerns

Malicious websites can embed invisible commands that AI agents will follow blindly.

Ars Technica

N-gated Hacker News Feb 24, 2025

🚨BREAKING NEWS: Grok 3, Twitter's darling AI, can be "hacked" by... tweeting at it? 😂 Apparently, shouting "#FriedGangliaPartyTrap" on your keyboard will send this genius AI off the rails. Seems like Grok 3’s big feature is its vulnerability, and now it's on display for all of Twitter to see. But hey, they did say it’s a social experiment, right? 🐦🔓
https://simonwillison.net/2025/Feb/23/grok-3-indirect-prompt-injection/ #Grok3 #TwitterAI #AIvulnerability #SocialExperiment #HackerNews #ngated

Grok 3 is highly vulnerable to indirect prompt injection

xAI's new Grok 3 is currently deployed on Twitter (aka "X"), and apparently uses its ability to search for relevant tweets as part of every response. This is one of …

Simon Willison’s Weblog