Sysdig documented the first fully autonomous AI ransomware campaign. JADEPUFFER exploited Langflow, encrypted 1,300+ Nacos records, and rewrote its own failed payloads in 31 seconds.
A Bitdefender study finds most businesses pressure staff to conceal breaches. The silence buys attackers time, and AI is already exploiting the gap.
CVE-2026-46242 turns a six-instruction race in Linux epoll into a 99% reliable root exploit reachable from a Chrome renderer. Here's what platform leads need to decide this quarter.
A 1998 "mock" dataset in an IBM-managed cloud environment exposed 70,000 real Singaporeans. The live systems held. The vendor sandbox didn't.
A pseudonymous researcher dropped 30+ AI-fuzzed zero-days on GitHub with no vendor coordination. Platform leads now own an unbudgeted patch cycle.
Google says it caught the first zero-day exploit likely built with AI assistance, a 2FA bypass against an open source admin tool. Here's what platform leads should do.
A Wiz-discovered flaw in Amazon Q Developer auto-ran commands from workspace configs on repo open, putting AWS credentials in reach via a single cloned repo.