‘GhostApproval’ technique leads AI coding tools to alter files outside of sandboxLaura FrenchJuly 9, 2026The technique abuses symlinks to escape the intended workspace and weaken human-in-the-loop protections.
Here’s what our industry learned the past 90 days since the Mythos announcementDanny JenkinsJuly 8, 2026
New TrojPix technique uses screen pixels to exfiltrate data from air-gapped computersSC StaffJuly 7, 2026
CISA to finalize critical infrastructure cyber incident reporting rule in SeptemberSC StaffJuly 7, 2026
Vulnerability ManagementCISA adds ColdFusion, Langflow, and Joomla bugs to known exploited vulnerabilities listSteve ZurierJuly 8, 2026Three of the four flaws added to CISA's KEV list were critical.
Critical Infrastructure SecurityRep. Josh Harder: US must build more housing, infrastructureSC StaffJuly 8, 2026At ICIT event, California congressman urges faster housing, infrastructure to cut costs.
AI/ML‘GitLost’ prompt injection leaks private repos via GitHub Agentic WorkflowsLaura FrenchJuly 8, 2026An issue opened on a public repository can lead the agent to disclose private details.
Cloud SecurityLinux bug dormant for 16 years can cause a VM escapeSteve ZurierJuly 7, 2026A single compromised hypervisor can grant root privileges over the server.
AI/MLMalicious websites trick AI agents into crypto payments, context poisoningLaura FrenchJuly 7, 2026Indirect prompt injections hidden in HTML were discovered on sites targeting developers and cryptocurrency owners.
Supply chainNorth Korean PolinRider supply chain attack targets 108 unique reposSteve ZurierJuly 6, 2026Socket says the campaign remains active and more attacks are likely.
Ransomware1st ‘agentic ransomware’ JADEPUFFER invades database at machine speedLaura FrenchJuly 2, 2026The LLM fixed a failed login attempt within 31 seconds, demonstrating real-time adaptability.
Vulnerability ManagementCISA adds SharePoint flaw to known exploited vulnerabilities listSteve ZurierJuly 2, 2026SharePoint offers bad actors a roadmap into how an organization operates.