Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix ...
Ventureburn

MEXC Review May 2026: Is It A Safe Crypto Exchange?

MEXC Futures M-Day is a promotional futures event in which customers trade USDT-M or Coin-M futures for a chance to win ...

Critical vm2 sandbox bug lets attackers execute code on hosts

A critical vulnerability in the popular Node.js sandboxing library vm2 allows escaping the sandbox and executing arbitrary ...
Bleeping Computer

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used JavaScript implementation of Google's Protocol Buffers. The tool is highly ...
The Hacker News

OpenAI Launches Daybreak for AI-Powered Vulnerability Detection and Patch Validation

OpenAI launched Daybreak with GPT-5.5-Cyber tools as AI accelerates vulnerability discovery and exploit timelines.
The Hacker News

vm2 Node.js Library Vulnerabilities Enable Sandbox Escape and Arbitrary Code Execution

CVE-2026-44009 (CVSS score: 9.8) - A vulnerability that allows sandbox escape via a null proto exception and permits an ...
adtmag.com

More Code, More Bugs: Faros Report Finds Tradeoffs In AI-Driven Software Development

Output rose sharply: Faros found that higher AI adoption was associated with a 34% increase in task completion per developer and a 66% increase in epics completed per developer. Quality and review ...
Mint

Did Anthropic ‘dumb down’ Claude Code? Post-mortem reveals the three bugs that crippled performance

Over the last few weeks, social media has been filled with complaints about Anthropic's Claude Code feeling slower and dumber, which was evident in the coding quality and the increased memory issues.

One command turns any open-source repo into an AI agent backdoor. OpenClaw proved no supply-chain scanner has a detection category for it

CLI-Anything generates SKILL.md files that AI agents trust and execute. Snyk found 13.4% of agent skills contain critical ...
Dark Reading

Reverse Engineering With AI Unearths High-Severity GitHub Bug

Wiz used an AI reverse-engineering tool to pinpoint a vulnerability that previously would have been too costly and ...