NVIDIA's NemoClaw protects OpenClaw agents with a four-layer sandbox, while Stripe's Machine Payments Protocol enables payments without handing private keys over to agents. How can an agent make payments safely from within the sandbox?
A buffer overflow was discovered in the LINEMODE SLC handler of GNU Inetutils telnetd. No authentication is required: root privileges can be gained just by connecting to port 23. All versions up to 2.7 are affected and no patch has been released.
Cisco Secure FMC's unauthenticated RCE flaw CVE-2026-20131 (CVSS 10.0) was added to CISA's KEV catalog after Interlock ransomware had been abusing it for 36 days before Cisco's public disclosure. Amazon Threat Intelligence later dissected the toolkit in detail.
The Chrome DevTools MCP server added an --autoConnect option, allowing coding agents to connect directly to an existing browser session. A deep dive into the background of the MCP vs CLI debate, browser operations with OpenClaw, and the risks of delegating authenticated sessions.
GlassWorm has expanded to 72 Open VSX extensions, 151 GitHub repositories, and 88 npm packages, while a new supply-chain technique now abuses extensionDependencies as a delivery channel.
Cloudflare's AI Security for Apps reached GA, letting it block prompt injection and PII leaks at the WAF layer. On the same day, Cloudflare also launched RFC 9457-compatible error responses that return JSON or Markdown instead of HTML when AI agents hit Cloudflare errors.
Google released an emergency update, Chrome 146.0.7680.75, on March 13 to fix two CVSS 8.8 zero-days, both confirmed exploited in the wild. It was Chrome's third emergency patch of 2026.
Multiple severe RCE vulnerabilities were found in n8n's workflow expression evaluation. CVE-2025-68613 (CVSS 9.9) was added to CISA's KEV catalog and is confirmed to be actively exploited. Another unauthenticated issue, CVE-2026-27493 (CVSS 9.5), also requires immediate patching.
GitHub published the layered defense design of its agent execution platform, and OpenAI released IH-Challenge, an instruction-hierarchy training dataset, along with a model. Prompt injection is now being addressed along both axes: infrastructure design and training.
OpenAI acquired AI security evaluation platform Promptfoo, and Microsoft announced that Anthropic's Claude Cowork would be integrated into Microsoft 365 Copilot. The structure of the enterprise AI market is starting to change.