May 2026 dropped three critical Linux vulnerabilities on a near-weekly cadence, and the security discourse has mostly treated them as three separate bad days. They’re not. Together they form a ...

The vulnerability in question is CVE-2026-44338 (CVSS score: 7.3), a case of missing authentication that exposes sensitive ...

Here's what's at risk as Google warns of an AI-powered mass cyberattack.

Google's Threat Intelligence Group says a criminal hacker group used a large language model to find a previously unknown flaw ...

Anthropic has announced the general availability of Claude Platform on AWS, a new deployment option that gives AWS customers ...

Researchers at Google say they have uncovered the first known case of hackers using AI to develop a zero-day cyber exploit.

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...

最后多说一句。iLink 协议是通用的，不绑定任何 Agent。前面那个 70 行的 demo 已经证明了——任何 Agent 都能接进来。协议和原理都是通的。微信把入口打开了，剩下的就看大家怎么玩了。 最近在折腾把 Claude Code 接进微信，整个跑通之后回头一看，发现底层的东西 ...

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...

Google says hackers used AI to help build a zero-day exploit targeting 2FA, raising concerns about AI-assisted hacking.

Google's GTIG identified the first zero-day exploit developed with AI and stopped a mass exploitation event. The report documents state actors using AI for vulnerability research and autonomous ...