Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds

How mature is your AI agent security? VentureBeat's survey of 108 enterprises maps the gap between monitoring and isolation — ...
Decrypt

Anthropic’s Alarming Mythos Findings Replicated With Off-the-Shelf AI, Researchers Say

Security researchers used GPT-5.4 and Claude Opus 4.6 in an open-source harness to reproduce Anthropic's Mythos vulnerability ...
Hackaday

This Week In Security: Docker Auth, Windows Tools, And A Very Full Patch Tuesday

CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...
SecurityWeek

In Other News: Satellite Cybersecurity Act, $90K Chrome Flaw, Teen Hacker Arrested

ShinyHunters targets Rockstar Games, ShowDoc vulnerability exploited in the wild, and EPA to boost cybersecurity budget to $19 million ...
Dark Reading

Critical MCP Integration Flaw Puts NGINX at Risk

Attackers can abuse the near-maximum severity flaw in nginx-ui to restart, create, modify, and delete NGINX configuration ...

Fiverr Denies ‘Major Security Lapse’ Despite Private User Data Appearing in Google Search

A researcher flagged the vulnerability 40 days ago with no response from Fiverr. Now tax returns, driver's licenses, and ...
CSO Online

Critical nginx UI tool vulnerability opens web servers to full compromise

The vulnerability, with a CVSS score of 9.8, relates to the software’s support for Model Context Protocol (MCP) servers, ...
Cryptopolitan on MSN

Anthropic and OpenAI tighten security as AI models show advanced hacking ability

Artificial intelligence companies, Anthropic and OpenAI, are taking serious steps to address the growing risks associated ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Infosecurity Magazine

Critical Nginx-ui MCP Flaw Actively Exploited in the Wild

A critical authentication bypass in nginx-ui, a widely used open-source web interface for managing nginx servers, has been ...
Cloud Security Alliance

When AI Agents Serve Shared Workspaces, Authorization Must Follow the Audience

Explores how AI agents retrieve data with user permissions yet expose outputs to mixed audiences, urging audience-aware authorization.