Microsoft

Active attack: Dirty Frag Linux vulnerability expands post-compromise risk

Dirty Frag is a newly disclosed Linux local privilege escalation vulnerability affecting kernel networking and ...

Critical New Linux Zero-Day Goes Public—What Admins Need To Do Now

Hot on the heels of Copy Fail comes Dirty Frag. A Linux kernel zero-day vulnerability with no patch, giving hackers root.

Chrome’s 4GB AI model isn’t new, but you’re not wrong for being confused

Because Gemini Nano is constantly appearing on machines for the first time, people may think this is something new. In ...

OpenAI’s Codex just moved into Chrome, where the useful work and the risks live

OpenAI’s Codex Chrome extension pushes the coding agent into signed-in browser work, making it more useful for real tasks while raising new questions about access, approvals, and agentic AI risk.

A company tested Claude Mythos Preview. It says the AI found hundreds of bugs, including 1 that had existed for 20 years

Mozilla says Anthropic's unreleased Claude Mythos AI found security flaws that automated testing systems missed for years.

Mozilla is sharing more details about some of the 271 Firefox bugs identified by Claude Mythos Preview.

Mozilla: > Ordinarily we keep detailed bug reports private for several months after shipping fixes and issuing security advisories, largely as a precaution to protect any users who, for whatever ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...