GPT-5.1 Codex-Max can now code independently for hours inside terminals, IDEs and Windows environments. That jump from helper to autonomous coding agent dramatically changes the threat model, turning AI-generated patches, permissions and pipelines into first-class security concerns.
Newly disclosed vulnerabilities in the Ollama framework allow attackers to execute arbitrary code by feeding the server malicious GGUF model files. This article explains how the mllama metadata parsing flaw works, why versions before 0.7.0 are at risk, and what AI security teams should do to harden their local LLM infrastructure against code execution attacks.
AI-powered fraud is expanding at an unprecedented rate as criminals weaponize generative models, deepfakes and automated identity systems. Organizations must strengthen identity verification and adopt resilience-first strategies to withstand this next-generation threat.
Researchers uncovered serious AI bugs across Meta, Nvidia, Microsoft and open-source inference frameworks after tracking a ShadowMQ deserialization pattern built on ZeroMQ and Python pickle. At the same time, new research shows how Cursor’s AI IDE can be hijacked via rogue MCP servers, turning developer workstations into high-value malware delivery platforms if teams ignore AI supply-chain security.
Researchers hammered ChatGPT, Gemini, and Claude with adversarial prompts across hate, self-harm, sexual content, and crime. Gemini Pro 2.5 leaked the most unsafe answers, Gemini Flash 2.5 resisted best, and Claude models looked strict but cracked under “academic-style” questions in some categories.
Threat actors now pair generative AI with trusted cloud apps to breach manufacturing. They deliver malware through OneDrive/GitHub, steal API keys and tokens, and persist via OAuth consent. Without governed AI usage, Cloud DLP, and consent controls, factories face quiet IP theft and escalating downtime risks.
NVIDIA’s Jensen Huang says there are no active discussions to sell Blackwell chips to China. Because U.S. export controls bind shipments and Beijing restricts foreign accelerators in state-funded data centers, near-term access looks unlikely. This analysis explains what that means for procurement, security, and model roadmaps and how to design for heterogeneous accelerators without betting your budget on rumors.
Encrypted doesn’t mean invisible. Microsoft’s “Whisper Leak” shows a passive observer can classify AI chat topics by watching packet sizes and timing on streaming language models. Here’s how the side-channel works, who can exploit it, and which mitigations actually move the needle.
Exposed Ollama APIs and a critical NVIDIA Container Toolkit flaw raise the stakes for AI infrastructure. Authenticate Ollama, close public 11434, and patch NCT to stop container escapes. Stream LLM and runtime logs off-box, rotate tokens, and validate least-privilege settings to keep model IP and GPU workers safe.
Researchers documented CVSS 8.9 command injection in three official Claude Desktop extensions Chrome, iMessage, and Apple Notes. Because those connectors built AppleScript commands with unescaped user input, prompt injection could pivot from web content to local shell execution on macOS. Anthropic patched the issues. This analysis explains the exploit chain, the fixes, and the validation steps security teams should run to keep MCP servers safe.