CVE-2026-33017, a CVSS 9.8 unauthenticated RCE in Langflow, has been added to the CISA KEV catalog after active exploitation deploying a self-spreading Monero cryptominer across exposed AI workflow environments.
The latest AI security developments, threats, and industry updates.
CVE-2026-33017, a CVSS 9.8 unauthenticated RCE in Langflow, has been added to the CISA KEV catalog after active exploitation deploying a self-spreading Monero cryptominer across exposed AI workflow environments.
LayerX Security demonstrated a technique that conditions AI browsers to accept false context, then exploits that state to extract credentials. Six mainstream AI browsers failed the test.
Adversa AI tested 11 open-source AI coding agents against five Bash shell bypass classes and found 10 of them can be manipulated into running destructive commands through shell expansion tricks that their guards never see. Only Continue passed every case.
CVE-2026-12957 lets a malicious repository silently execute arbitrary commands the moment a developer opens it in Amazon Q Developer, exfiltrating AWS credentials with no user interaction required.
Zenity Labs has documented attackers exploiting unpatched LiteLLM vulnerabilities and unauthenticated Ollama endpoints to run autonomous pentesting campaigns, steal compute, and exfiltrate data from victim organisations.