Mythos autonomously exploited vulnerabilities that survived 27 years of human review. Security teams need a new detection playbook

A 27-year-old bug sat inside OpenBSD’s TCP stack while auditors reviewed the code, fuzzers ran against it, and the operating system earned its reputation as one of the most security-hardened platfor [...]

CVSS scored these two Palo Alto CVEs as manageable. Chained, they gave attackers root access to 13,000 devices.

During Operation Lunar Peek in November 2024, attackers gained unauthenticated remote admin access — and eventual root — across more than 13,000 exposed Palo Alto Networks management interfaces. P [...]

Anthropic and OpenAI just exposed SAST's structural blind spot with free tools

OpenAI launched Codex Security on March 6, entering the application security market that Anthropic had disrupted 14 days earlier with Claude Code Security. Both scanners use LLM reasoning instead of p [...]

Endor Labs launches free tool AURI after study finds only 10% of AI-generated code is secure

Endor Labs, the application security startup backed by more than $208 million in venture funding, today launched AURI, a platform that embeds real-time security intelligence directly into the AI codin [...]

MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot

The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. [...]

Anthropic says its most powerful AI cyber model is too dangerous to release publicly — so it built Project Glasswing

Anthropic on Tuesday announced Project Glasswing, a sweeping cybersecurity initiative that pairs an unreleased frontier AI model — Claude Mythos Preview — with a coalition of twelve major technolo [...]

Weaponized AI can dismantle patches in 72 hours — but Ivanti's kernel defense can help

Adversaries from cybercrime gangs to nation-state cyberattack squads are fine-tuning weaponized AI with the goal of defeating new patches in 3 days or less. The quicker the attack, the more time to ex [...]

Anthropic's Claude Code Security is available now after finding 500+ vulnerabilities: how security leaders should respond

Anthropic pointed its most advanced AI model, Claude Opus 4.6, at production open-source codebases and found a plethora of security holes: more than 500 high-severity vulnerabilities that had survived [...]

Meet Aardvark, OpenAI’s security agent for code analysis and patching

OpenAI has introduced Aardvark, a GPT-5-powered autonomous security researcher agent now available in private beta.Designed to emulate how human experts identify and resolve software vulnerabilities, [...]