The Next Web

Lovable left thousands of projects exposed for 48 days, and the vibe coding security crisis is only getting worse

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

Mozilla: Anthropic’s Mythos found 271 security vulnerabilities in Firefox 150

Earlier this month, Anthropic said its Mythos Preview model was so good at finding cybersecurity vulnerabilities that the ...
SecurityWeek

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source

'Like handing out the blueprint to a bank vault': Why AI led one company to abandon open source ...
Unite.AI

Chainguard and Cursor Partner to Secure the Future of AI-Generated Code

Chainguard has announced a partnership with Cursor that directly addresses one of the fastest-growing risks in software development: trusting code generated by AI agents. As development workflows ...

Open source is collapsing under AI-powered threats | Cal.com

AI has upended the foundation of open source security, and commercial open source applications must close their code to protect sensitive data.
Security Boulevard

Vercel Breach: How a Roblox Cheat Download Led to a $2M Data Heist Through AI Tool OAuth Abuse

Vercel breached after attacker compromised Context.ai, hijacked an employee's Google Workspace via OAuth, and accessed ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...
Decrypt

Anthropic's Claude Mythos AI Finds 271 Vulnerabilities in Firefox—Yes, It's Seriously Powerful

Anthropic’s powerful Claude Mythos AI model found hundreds of vulnerabilities in Mozilla Firefox, highlighting its ...

Endor Labs Launches Agentic Code Security Benchmark, Finds Top-Performing AI Coding Agents Pass Tests But Still Fail Security

Endor Labs, today announced the launch of the agentic code security benchmark, extending the existing SusVibes framework from leading academic researchers to evaluate how securely AI coding agents ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

OpenAI’s New GPT-5.4-Cyber Raises The Stakes For AI And Security

Described by OpenAI as a new model tuned for defensive cybersecurity tasks, GPT-5.4-Cyber is being offered first to vetted ...