Weekly · News
AI Security — week of 2026-06-01
ChatGPT Vulnerable to Phishing Attacks
The Hacker News · 2026-05-29 · corroborated · reporting
ChatGPT’s vulnerability to phishing attacks via prompt injection poses a significant security risk.
Also: BleepingComputer · The Register Sec
AI-Powered Attacks Target Ukraine
The Hacker News · 2026-05-29 · corroborated · reporting
GREYVIBE’s use of AI-powered attacks against Ukraine highlights the growing threat of AI-assisted offense.
Also: The Register Sec
AI-Generated Code Not Accepted by SQLite
Simon Willison · 2026-05-27 · single-source · research
SQLite’s rejection of AI-generated code raises questions about the reliability and security of AI-produced software.
Claude Sandboxing Techniques
Simon Willison · 2026-05-30 · single-source · research
Anthropic’s Claude sandboxing techniques demonstrate a promising approach to containing AI agents.
AI-Assisted Bug Hunting Boosts Security
The Hacker News · 2026-05-23 · corroborated · reporting
The use of AI-powered bug hunting has significantly improved vulnerability discovery and security.
Also: The Register Sec
Copilot Cowork Leaks Files via Prompt Injection
Simon Willison · 2026-05-26 · single-source · research
The vulnerability of Copilot Cowork to prompt injection attacks highlights the need for improved security measures in AI-assisted development tools.
AI Security Incidents Affect Half of Organizations
The Register Sec · 2026-05-27 · corroborated · reporting
The prevalence of AI-related security incidents underscores the importance of addressing AI security risks.
Also: The Register Sec
Meta AI Bot Vulnerable to Password Reset Tricks
Krebs on Security · 2026-06-01 · single-source · reporting
The vulnerability of Meta’s AI-powered support bot to password reset tricks poses a significant security risk.
OpenAI Codex Tokens Stolen in Supply Chain Attack
The Hacker News · 2026-06-01 · single-source · reporting
The theft of OpenAI Codex tokens in a supply chain attack highlights the need for improved security measures in AI development.
Malicious npm Package Targets Claude AI User Files
The Hacker News · 2026-05-27 · single-source · reporting
The discovery of a malicious npm package targeting Claude AI user files underscores the importance of securing AI-related infrastructure.
AI Chatbots Spread Cryptojacking Malware
The Hacker News · 2026-05-27 · single-source · reporting
The use of AI chatbots to spread cryptojacking malware highlights the growing threat of AI-assisted attacks.
AI-Powered DDoS Attacks Become More Powerful
The Hacker News · 2026-05-26 · single-source · reporting
The increasing power of AI-powered DDoS attacks poses a significant threat to online security.
CERT-In Urges Faster Patching Due to AI-Assisted Attacks
The Hacker News · 2026-05-26 · corroborated · reporting
The need for faster patching in response to AI-assisted attacks highlights the importance of proactive security measures.
Also: The Register Sec
Megalodon Attacks GitHub CI/CD Workflows
The Hacker News · 2026-05-22 · single-source · reporting
The vulnerability of GitHub CI/CD workflows to Megalodon attacks underscores the need for improved security in AI-related development infrastructure.
Gemini Jailbreak Uses AI in Hacking Spree
The Register Sec · 2026-05-22 · single-source · reporting
The use of AI in the Gemini jailbreak highlights the growing threat of AI-assisted attacks.
Microsoft Open-Sources AI Safety Tools
The Register Sec · 2026-05-21 · single-source · reporting
Microsoft’s open-sourcing of AI safety tools demonstrates a commitment to improving AI security.
Undisclosed AI Sandbox Vulnerability Poses Risk
The Register Sec · 2026-05-20 · single-source · reporting
The existence of an undisclosed AI sandbox vulnerability highlights the need for improved security measures in AI development.
AI Speeds Up Vulnerability Discovery
Schneier · 2026-06-01 · single-source · analysis
The use of AI in vulnerability discovery has significant implications for security disclosure dynamics.
AI Aids macOS Exploit
Schneier · 2026-05-21 · single-source · analysis
The use of AI in exploiting macOS vulnerabilities highlights the growing threat of AI-assisted attacks.
Benchmarks Don’t Measure AI Security
Schneier · 2026-05-20 · single-source · analysis
The limitations of benchmarks in measuring AI security underscore the need for more comprehensive evaluation methods.
Nx Console Supply Chain Vulnerability
CISA Advisories · 2026-05-28 · single-source · advisory
The discovery of a supply chain vulnerability in Nx Console highlights the importance of securing AI-related infrastructure.
Claude Opus 4.8 Improves Honesty
Simon Willison · 2026-05-28 · single-source · research
The improvement of honesty in Claude Opus 4.8 demonstrates progress in AI development.
curl Team Overwhelmed by AI-Assisted Reports
Simon Willison · 2026-05-26 · single-source · research
The flood of AI-assisted reports overwhelming the curl team highlights the need for improved security measures in AI-related development infrastructure.
Monty Sandbox Shows Promise
Simon Willison · 2026-05-22 · single-source · research
The Monty sandbox demonstrates a promising approach to containing AI agents.
AI Writes Cisco Reports with Errors
The Register Sec · 2026-05-22 · single-source · reporting
Cisco reports written by AI and containing errors highlight the limitations of AI-assisted development tools.
GlassWorm Malware Affects Dev Supply Chain
The Hacker News · 2026-05-27 · single-source · reporting
The discovery of GlassWorm malware affecting the dev supply chain underscores the importance of securing AI-related infrastructure.
AI Security Incidents Require Improved Measures
The Register Sec · 2026-05-27 · single-source · reporting
The prevalence of AI-related security incidents highlights the need for improved security measures.
AI-Written Emails
Simon Willison · 2026-05-26 · single-source · research
Security engineers should care about AI misuse
LLM Agent Used
The Hacker News · 2026-05-29 · single-source · reporting
AI-assisted offense expands attack scope