LLMs

Autonomous AI-driven worm can reason its way through corporate networks

June 3, 2026

Researchers at the University of Toronto, the Vector Institute, and the University of Cambridge have built and tested a proof-of-concept AI-driven worm that does not operate …

AI red teaming agents change how LLMs get tested

May 21, 2026

Adversarial probing of LLMs has piled up a sprawling toolkit over the past three years. Attack techniques with names like Tree of Attacks with Pruning, Crescendo, and Skeleton …

When your AI assistant has the keys to production

May 20, 2026

Large language models in operational roles query telemetry, propose configuration changes, and in some deployments execute those changes against live infrastructure. Ticket …

The AI backdoor your security stack is not built to see

May 18, 2026

Enterprises deploying LLMs have spent the past two years building defenses around a reasonable assumption: malicious behavior leaves a trace in the input. Scan for suspicious …

Sandyaa: Open-source autonomous security bug hunter

May 13, 2026

Source code auditing has traditionally relied on static analyzers that flag long lists of potential issues, leaving engineers to sort bugs from noise. A new open-source …

HEIDI: Free IDE security plugin for open-source vulnerability checks

May 12, 2026

Open-source dependencies make up a large percentage of the code in production applications, and most vulnerability checks still run late in the pipeline, inside CI/CD systems …

Cutting the cost of SIEM rule conversion

May 6, 2026

You inherit two thousand detection rules from an acquisition. They are written for a platform your company does not use. Your senior detection engineer estimates six months to …

Unpatched flaws turn Ollama’s auto-updater into a persistent RCE vector, researchers say

May 5, 2026

Researchers at Striga have disclosed two vulnerabilities (CVE-2026-42248, CVE-2026-42249) in Ollama’s Windows auto-updater that, when chained together, may allow an …

Can your coding style predict whether your code is vulnerable?

May 5, 2026

Developers leave fingerprints in the code they write. Naming choices, indentation patterns, preferred APIs, and the way someone structures a loop or handles a pointer all …

What researchers learned about building an LLM security workflow

May 4, 2026

Security operations centers are running into the same wall everywhere. Detection tools generate more alerts than analysts can work through, and the early stages of any …

Open-source privacy proxy masks PII before prompts reach external AI services

May 1, 2026

Enterprise developers routinely send prompts to external large language models that contain customer emails, support transcripts, and other identifying information, often …

Automated LLM red teaming gets a learning layer

April 30, 2026

Automated red teaming of large language models has settled into a familiar pattern over the past two years. An attacker model generates jailbreak attempts against a target …