AI
White House Considers Vetting AI Models Before They Are Released
A review process could be similar to one being developed in Britain, which has assigned several government bodies to ensure that A.I. models meet certain safety standards.
We Scanned 1 Million Exposed AI Services. Here's How Bad the Security Actually Is
The researchers found:
- Poor deployment practices: Insecure defaults, misconfigured Docker setups, hardcoded credentials, applications running as root
- No authentication on fresh installs: Many projects drop users straight into a high-privilege account with full management access
- Hardcoded and static credentials: Embedded in setup examples and docker-compose files rather than generated on installation
- New technical vulnerabilities: Within a couple of days of lab work, we had already found arbitrary code execution in one popular AI project
Infosec
Bleeding Llama: Critical Unauthenticated Memory Leak in Ollama
Unauthenticated attackers were able to leak the entire Ollama process memory, potentially impacting 300,000 servers globally.
The leaked memory contains user messages (prompts), system prompts, and environment variables.
This has apparently been patched since 0.17.1 (Feb 23, 2026).
Microsoft Edge Stores Passwords in Process Memory, Posing Enterprise Risk
An attacker with administrative privileges can gain access to Microsoft Edge user passwords even when they're not in use, because the browser stores them in cleartext in process memory as part of a design decision by Microsoft.
Something that seems counter-intuitive about the issue is that for a user to access their saved passwords in Edge, they must type in a separate password, Rønning says. However, the cleartext storage issue in the browser basically can cancel this out if exploited, letting someone access all Edge passwords even when an Edge session itself isn't active on someone's machine, he notes.
Singapore boffins get diverse SIEMs singing in harmony with agentic rule translation
Vendors all use different formats. This tech translates them all so you can smooth your SOC
Simon Sharwood
Cisco Moves to Acquire Astrix Security to Tackle Non-Human Identity Risks
Astrix Security is a startup focused on securing non-human identities (NHIs) such as API keys, service accounts, and OAuth tokens increasingly used by applications and AI agents. Astrix’s technology is designed to help organizations discover, govern, and secure these identities, including detecting excessive privileges and real-time threats.
Shadow IT has given way to shadow AI. Enter AI-BOMs
While a traditional SBOM includes all of the software packages and dependencies in the organization, an AI-BOM aims to cover the gaps introduced by AI assets by providing visibility across all of the models, datasets, SDK libraries, MCP servers, ML frameworks, agents, agentic skills, prompts, and other AI tools - plus how these AI components interact with each other and connect to workflows.
NHS to close-source hundreds of GitHub repos over AI, security concerns
"Public repositories materially increase the risk of unintended disclosure of source code, architectural decisions, configuration detail, and contextual information that may be exploited – particularly given rapid advancements in AI models capable of large-scale code ingestion, inference, and reasoning (e.g. developments such as the Mythos model)."
Canadian election databases use “canary traps”—and they work
Political parties can legally get access to the Canadian electoral list, but they cannot share the list with a third party. The government seeded each copy of the list with unique bogus data, so they were able to identify the source of an unauthorized copy: the Republican Party of Alberta.
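The seeding mechanism described above, as an added example that is not part of the original article: each recipient's copy of a list gets decoy records derived from an issuer-held secret, so a leaked copy (even a partial or merged one) can be traced back to the recipient it was issued to. The list entries, recipient names and secret are constructed for the demo.

```python
import hashlib
import hmac

# Constructed sample data: a small list of made-up records.
BASE_LIST = [
    ("Alice Example", "12 Maple St"),
    ("Bob Sample", "34 Oak Ave"),
    ("Carol Fictional", "56 Pine Rd"),
]

# Issuer-side secret (constructed). Decoys are derived from it, so the issuer
# can regenerate them on demand instead of storing a table of decoys.
ISSUER_SECRET = b"constructed-demo-secret-not-for-real-use"


def decoys_for(recipient: str, secret: bytes = ISSUER_SECRET, n: int = 2):
    """Derive n reproducible decoy records unique to one recipient."""
    out = []
    for i in range(n):
        tag = hmac.new(secret, f"{recipient}:{i}".encode(), hashlib.sha256).hexdigest()[:8]
        street_no = int(tag[:4], 16) % 900 + 100
        out.append((f"Canary {tag.upper()}", f"{street_no} Decoy Ln"))
    return out


def issue_copy(recipient: str, base=BASE_LIST):
    """Build the copy handed to one recipient, with its decoys mixed in."""
    records = list(base) + decoys_for(recipient)
    records.sort()  # interleave so the decoys are not clustered at the end
    return records


def identify_source(leaked, recipients, secret=ISSUER_SECRET):
    """Return the recipients whose decoys appear in a leaked copy.

    A single matching decoy is enough; a merged leak reports every
    contributing recipient, and a copy with no decoys reports nobody.
    """
    leaked_set = set(leaked)
    return {r for r in recipients if leaked_set & set(decoys_for(r, secret))}
```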
Researchers report Amazon SES abused in phishing to evade detection
Attackers are finding access keys and sending emails from SES accounts, which have a good reputation and pass email security tests.
CloudZ malware abuses Microsoft Phone Link to steal SMS and OTPs
Microsoft Phone Link comes installed on Windows 10 and 11, and allows using the computer to make and take calls, respond to texts, or view notifications received on the mobile device (Android and iOS).
By leveraging the application, the threat actor could intercept sensitive messages delivered to the target's mobile phone without compromising the device itself.
Critical Remote Code Execution Vulnerability Patched in Android
The flaw, tracked as CVE-2026-0073, affects Android’s System component and can be exploited to execute code as the shell user without additional execution privileges. User interaction is not required for exploitation.
Backdoored PyTorch Lightning package drops credential stealer
A malicious version of the PyTorch Lightning package published on the Python Package Index (PyPI) delivers a credential-stealing payload targeting browsers, environment files, and cloud services.
Google's Android Apps Get Public Verification to Stop Supply Chain Attacks
"This new public ledger ensures the Google apps on your device are exactly what we intended to build and distribute," Google's product and security teams said.