ZDI-26-305 discloses a sandbox bypass in OpenAI Codex. Processing a repository containing malicious JavaScript can lead to code execution under the user's privileges outside the sandbox.
How much does periodic password rotation or character-class enforcement actually help? A look at the numbers: leak probability, entropy, and user behavior.
APIs generated by Cursor and Claude Code often include authentication middleware but skip per-resource ownership checks. A look at IDOR/BOLA basics, typical patterns, and the fix: scoping DB queries by owner.
ERC-8128 emerged as a standard for proving the origin of AI agent communications when agents handle crypto assets. Walks through ERC and message signing basics, how it differs from API keys and OAuth, and the implementation flow.
An LLM safety monitor's evaluator can be tricked into clearing dangerous sessions when the attacker plants fake analysis text in the monitored conversation. Experimental results, defense limits, and structural separation points.
In its April 23 update, Vercel disclosed customer accounts compromised prior to and independently of the Context.ai incident. Covering the Lumma Stealer infection path, the ShinyHunters $2M BreachForums listing, and what non-sensitive environment variables actually mean.
A regression in cryptographic signature validation introduced a CVSS 9.1 flaw into .NET 10.0. The Data Protection API implemented HMAC verification incompletely, opening the door to padding oracle attacks and forged authentication tokens.
Vercel's official incident disclosure was published on April 19, 2026. A walk-through of how a compromise of Context.ai's Google Workspace OAuth app led to Vercel employee account takeover and access to environment variables in some customer projects, plus the checks users should run right now.
A vulnerability in iTerm2 3.6.9 and earlier where simply displaying a malicious file with cat triggers local code execution. Caused by conductor impersonation in SSH Integration, fixed in 3.7.0.
The WordPress plugin Vertex Addons for Elementor (<= v1.6.4) has a broken authorization check in activate_required_plugins() that lets Subscriber-level users install and activate arbitrary plugins. CWE-862, CVSS 8.8.
CVE-2026-34197 (CVSS 8.8), an RCE in Apache ActiveMQ Classic that lurked for 13 years, was added to the CISA KEV catalog. Authenticated attackers can achieve remote code execution via the Jolokia API. Affects versions below 5.19.4 and 6.0.0–6.2.2.
NIST has changed NVD's operational policy. Full CVE enrichment is over — only CISA KEV, federal software, and EO 14028 critical software will be prioritized.