ai

Critical Hugging Face Transformers Vulnerability Enables Remote Code Execution Attacks

A critical vulnerability (CVE-2026-4372) in the HuggingFace Transformers library allows remote code execution via malicious model configuration files, bypassing existing security controls. This flaw affects versions 4.56.0 through 5.2.x when used with the kernels package, enabling attackers to execute arbitrary Python code during model loading from HuggingFace Hub without user consent. HuggingFace fixed the issue in version 5.3.0 and advises users to upgrade immediately and audit their environments to mitigate supply chain risks in AI workflows.

https://cybersecuritynews.com/hugging-face-rce-vulnerability/

Attackers Use AI to Automate EDR Evasion Testing

Sophos X-Ops analysts discovered that an unidentified threat actor used AI-driven Python scripts to automate the testing and evasion of endpoint detection and response (EDR) tools from Sophos, CrowdStrike, and Windows Defender. This attacker created a sophisticated lab environment with multiple virtual machines to iteratively develop and refine malware capable of bypassing EDR defenses, highlighting the increasing use of AI in advanced cyberattack methods.

https://www.darkreading.com/endpoint-security/attackers-automate-edr-evasion-testing

Agentic AI Red Teaming Reveals Zero-Click Human-in-the-Loop Bypass Attack Chains

Security researchers have discovered that agentic AI systems—AI capable of planning and executing multi-step tasks autonomously—exhibit exploitable vulnerabilities that allow attackers to bypass human-in-the-loop controls entirely, executing zero-click attack chains without user interaction. Microsoft’s year-long red teaming efforts led to an updated taxonomy identifying seven new failure modes in agentic AI, highlighting risks such as supply chain compromise, goal hijacking, and session context contamination, and recommending robust architectural mitigations including cryptographic agent verification and hardened approval processes.

https://cybersecuritynews.com/agentic-ai-red-teaming-reveals-zero-click/

Meta AI Support Bot Helped Hackers Hijack Instagram Accounts

Meta's AI support assistant for Instagram was exploited by hackers to hijack high-profile accounts by changing the email address linked to those accounts without proper identity verification, sometimes bypassing two-factor authentication. The vulnerability, which was publicly accessible for a short time, allowed attackers to take over accounts easily, prompting Meta to patch the issue and secure impacted accounts.

https://www.macrumors.com/2026/06/01/meta-ai-instagram-attack/

ChatGPhish: The Page Is the Payload

Researchers discovered a new phishing and tracking attack called ChatGPhish that exploits ChatGPT's page summarization feature by injecting malicious Markdown links and images into web pages. When users summarize such pages in ChatGPT, the assistant renders active clickable links, spoofed alerts, and QR codes within its trusted interface, enabling phishing, cross-origin data leakage, and off-device attacks without traditional browser protections. This expands the attack surface from email to everyday browsing, highlighting risks in AI-generated outputs that automatically render untrusted external content inside trusted AI interfaces.

https://permiso.io/blog/chatgpt-markdown-rendering-vulnerability

Top Ethical Hacker Chompie Warns AI Tools Could Put Her Out of Business

Valentina Palmiotti, known as Chompie, a top ethical hacker who won major prizes at the Pwn2Own competition, warns that advanced AI tools like Claude Mythos could soon make it much harder for human hackers to compete in finding software vulnerabilities. While AI currently assists ethical hackers in speeding up their work, Chompie believes new AI models will soon handle most vulnerabilities, leaving only the very best human hackers able to discover novel bugs, which could significantly change the landscape of cybersecurity defense and offense.

https://www.bbc.com/news/articles/c3r2zjpryzro

AI Chatbot Recommendations Redirect Users to Cryptojacking Malware Sites

Microsoft has alerted to an active cryptojacking campaign that uses AI chatbot interactions to redirect users seeking legitimate system utilities to attacker-controlled domains hosting malware. This sophisticated attack targets users with high-performance GPUs by delivering malicious installers that establish persistent remote access, enabling cryptocurrency mining and potential further exploitation such as data theft or ransomware.

https://thehackernews.com/2026/05/ai-chatbot-recommendations-redirect.html

Microsoft Copilot Cowork Exfiltrates Files

Microsoft Copilot Cowork in Microsoft 365 is vulnerable to file exfiltration attacks via indirect prompt injection, exploiting the fact that sending emails and Teams messages to the active user occurs without manual approval. Attackers can use poisoned skills to cause Copilot Cowork to send messages containing pre-authenticated download links to sensitive files, which are exfiltrated when the user opens the messages, posing a significant security risk that can be mitigated by restricting permissions and file downloads in SharePoint.

https://www.promptarmor.com/resources/microsoft-copilot-cowork-exfiltrates-files

Anthropic to Release Mythos-class Models to the Public

Anthropic plans to publicly release its Mythos-class AI models, known for their exceptional ability to find security vulnerabilities in code, once stronger safeguards against misuse are developed. Currently, Mythos is available only to select partners, including governments, as unrestricted access could enable cybercriminals to exploit software flaws rapidly, and the company acknowledges that no existing safeguards fully prevent potential harm from these models.

https://www.theregister.com/security/2026/05/25/anthropic-to-release-mythos-class-models-to-the-public/5245596

Google’s AI Is Being Manipulated. The Search Giant Is Quietly Fighting Back

A BBC investigation revealed that AI chatbots like Google's AI and ChatGPT can be easily manipulated by publishing targeted content online, causing them to spread misinformation on critical topics such as health and finance. In response, Google has updated its spam policies to combat such manipulation, signaling increased efforts by AI companies to prevent abuse, though experts warn that manipulators often stay ahead and users should remain cautious about AI-generated answers.

https://www.bbc.com/future/article/20260519-google-tackles-attempts-to-hack-its-ai-results

Project Glasswing: What Mythos Showed Us

Project Glasswing involved testing Anthropic's Mythos Preview, a security-focused large language model (LLM), on Cloudflare's code repositories to identify vulnerabilities. Mythos Preview demonstrated advanced capabilities in chaining multiple low-severity bugs into exploitable chains and generating working proof-of-concept exploits, significantly improving the quality and actionability of vulnerability findings compared to previous models. Cloudflare noted the importance of using a tailored harness for narrow, parallel tasks and additional safeguards, as well as rethinking security workflows to handle faster detection while managing the complexity of patching and defense.

https://blog.cloudflare.com/cyber-frontier-models/

OpenAI’s GPT-5.5 Is as Good as Mythos at Finding Security Vulnerabilities – Schneier on Security

The UK’s AI Security Institute evaluated OpenAI’s GPT-5.5 and found that its capability to identify security vulnerabilities is comparable to Anthropic’s Claude Mythos model, with GPT-5.5 being generally available. This evaluation highlights the advancing role of large language models in cybersecurity, although discussions note limitations in reasoning and the potential plateau in detecting new attack classes without human input.

https://www.schneier.com/blog/archives/2026/05/openais-gpt-5-5-is-as-good-as-mythos-at-finding-security-vulnerabilities.html

Frontier AI Models Reap Rapid Discovery of Security Vulnerabilities

Frontier AI models, such as those tested by Palo Alto Networks under Project Glasswing, are accelerating the discovery of software security vulnerabilities, with 26 new common vulnerabilities recently disclosed compared to the usual five. While these AI tools offer potential for integrating security into the software development lifecycle, experts warn organizations have a limited three- to five-month window to leverage AI defensively before AI-driven exploitation becomes widespread.

https://www.cybersecuritydive.com/news/frontier-ai-rapid-discovery-security-vulnerabilities/820258/

Hackers Used AI to Develop First Known Zero-Day 2FA Bypass for Mass Exploitation

Google disclosed that hackers have used artificial intelligence to develop the first known zero-day exploit capable of bypassing two-factor authentication (2FA) for mass exploitation. The zero-day vulnerability, implemented in a Python script with characteristics of AI-generated code, targets a popular open-source web-based administration tool and demonstrates how AI models are accelerating the discovery and weaponization of software vulnerabilities.

https://thehackernews.com/2026/05/hackers-used-ai-to-develop-first-known.html

China Scrambles to Close AI Cyber Gap as Anthropic, OpenAI Surge with New Models

China is rapidly expanding its AI-driven cybersecurity industry to close the gap with US leaders like Anthropic and OpenAI, whose new models have advanced capabilities in discovering and exploiting cybersecurity vulnerabilities. According to IDC, China’s AI cybersecurity market is projected to grow from 1.58 billion yuan in 2025 to 59.35 billion yuan (US$8.7 billion) by 2030, driven by widespread adoption of AI technologies among domestic cybersecurity vendors.

https://www.scmp.com/tech/tech-trends/article/3352978/china-scrambles-close-ai-security-gap-anthropic-openai-pull-ahead-new-models

Scroll to Top