home.social

#ai-security — Public Fediverse posts

Live and recent posts from across the Fediverse tagged #ai-security, aggregated by home.social.

fetched live
  1. Excited to be speaking at @wearedevelopers.bsky.social in Berlin! 🚀 Join my session, The Sound of Your Secrets: Teaching Your Model to Spy, So You Can Learn to Defend, to explore AI-powered acoustic side-channel attacks. 🔐 Details are in the comments below!

  2. 🛡️ This week in cybersecurity: AI Orchestration risks take center stage. We analyze a critical RCE in Open-Agent-Orchestrator and the emerging threat of model-based sandbox escapes. Keep your AI stack secure with our weekly breakdown. Full analysis here: cvedatabase.com/blog/weekly-cv

  3. Coding-Agents dürfen lokal fast alles, was auch du darfst: nützlich, aber riskant.

    Michael Krämer zeigt im neuen Blogpost, wie Docker Sandboxes (sbx) die Kontrolle out of the box liefern: MicroVM-Isolation, Dateizugriff nur aufs Projektverzeichnis, Netzwerk-Policies und ein Credential-Proxy. So läuft sogar der YOLO-Modus in der VM statt auf dem eigenen Laptop.

    📖 Jetzt lesen: innoq.com/ch/blog/2026/07/trus

    #AgenticSoftwareEngineering #AISecurity #Docker

  4. Coding-Agents dürfen lokal fast alles, was auch du darfst: nützlich, aber riskant.

    Michael Krämer zeigt im neuen Blogpost, wie Docker Sandboxes (sbx) die Kontrolle out of the box liefern: MicroVM-Isolation, Dateizugriff nur aufs Projektverzeichnis, Netzwerk-Policies und ein Credential-Proxy. So läuft sogar der YOLO-Modus in der VM statt auf dem eigenen Laptop.

    📖 Jetzt lesen: innoq.com/ch/blog/2026/07/trus

    #AgenticSoftwareEngineering #AISecurity #Docker

  5. winbuzzer.com/2026/07/06/aliba

    Alibaba is banning employee the use of Anthropic's Claude Code starting July 10 and shifts staff to its own Qoder platform over alleged user-identification security risks.

    #AI #ClaudeCode #Alibaba #Anthropic #Claude #Qwen #AICoding #AIAgents #AISecurity #ChinaAI

  6. winbuzzer.com/2026/07/06/aliba

    Alibaba is banning employee the use of Anthropic's Claude Code starting July 10 and shifts staff to its own Qoder platform over alleged user-identification security risks.

    #AI #ClaudeCode #Alibaba #Anthropic #Claude #Qwen #AICoding #AIAgents #AISecurity #ChinaAI

  7. AI-powered ransomware just automated a full attack. Patch your LLM integrations now.
    #AISecurity #Ransomware

  8. Watch this video to hear key take aways, insights, and observations from my attendance at OWASP Global AppSec EU in Vienna, Austria, 2026. #OWASP #AppSec #aisecurity

    twp.ai/E5Dkei

  9. Watch this video to hear key take aways, insights, and observations from my attendance at OWASP Global AppSec EU in Vienna, Austria, 2026. #OWASP #AppSec #aisecurity

    twp.ai/E5Dkei

  10. Watch this video to hear key take aways, insights, and observations from my attendance at OWASP Global AppSec EU in Vienna, Austria, 2026. #OWASP #AppSec #aisecurity

    twp.ai/E5DkeZ

  11. Watch this video to hear key take aways, insights, and observations from my attendance at OWASP Global AppSec EU in Vienna, Austria, 2026. #OWASP #AppSec #aisecurity

    twp.ai/E5DkeZ

  12. winbuzzer.com/2026/07/01/us-li

    The US has lifted export controls on Anthropic's Claude Fable 5 and Mythos 5 AI models, restoring Fable access while keeping Mythos tied to approved partners and government review.

    #AI #ExportControls #Anthropic #Fable5 #Mythos5 #Claude #AIRegulation #AISecurity #AISafety #AIModels

  13. winbuzzer.com/2026/07/01/us-li

    The US has lifted export controls on Anthropic's Claude Fable 5 and Mythos 5 AI models, restoring Fable access while keeping Mythos tied to approved partners and government review.

    #AI #ExportControls #Anthropic #Fable5 #Mythos5 #Claude #AIRegulation #AISecurity #AISafety #AIModels

  14. AI browsers can be tricked into entering a fake reality where their safety guardrails fail. Researchers demonstrated an attack called BioShocking that bypasses security measures in browsers like ChatGPT Atlas and Claude Chrome. Once lulled into the alternate reality, all 6 AI agents tested failed to detect credential theft. arstechnica.com/security/2026/ #AIagent #AI #GenAI #AISecurity

  15. AI browsers can be tricked into entering a fake reality where their safety guardrails fail. Researchers demonstrated an attack called BioShocking that bypasses security measures in browsers like ChatGPT Atlas and Claude Chrome. Once lulled into the alternate reality, all 6 AI agents tested failed to detect credential theft. arstechnica.com/security/2026/ #AIagent #AI #GenAI #AISecurity

  16. IronCurtain + GLM 5.2 found QEMU memory-corruption primitives from scratch, then almost autonomously chained the public EDU teaching device into a reproducible guest/host escape.

    EDU is not production attack surface, which is why I can show the full chain. Findings in real configurations stay withheld.

    What I want to highlight is that open-weight models, with orchestration and evidence gates, can now do serious vulnerability discovery and long-horizon exploit engineering.

    provos.org/p/qemu-escape-glm-5

    #AISecurity #QEMU #OpenWeights #IronCurtain

  17. IronCurtain + GLM 5.2 found QEMU memory-corruption primitives from scratch, then almost autonomously chained the public EDU teaching device into a reproducible guest/host escape.

    EDU is not production attack surface, which is why I can show the full chain. Findings in real configurations stay withheld.

    What I want to highlight is that open-weight models, with orchestration and evidence gates, can now do serious vulnerability discovery and long-horizon exploit engineering.

    provos.org/p/qemu-escape-glm-5

    #AISecurity #QEMU #OpenWeights #IronCurtain

  18. The evolution of AI-driven threats:
    From prompt injection & data poisoning ⇨ agent abuse & AI-powered social engineering.

    This #InfoQ virtual panel explores:
    • Emerging attack patterns
    • Incident response challenges
    • Changes security teams must make

    🔗 Read now: bit.ly/3QvrWzj

    #AI #AIsecurity #Governance

  19. The evolution of AI-driven threats:
    From prompt injection & data poisoning ⇨ agent abuse & AI-powered social engineering.

    This virtual panel explores:
    • Emerging attack patterns
    • Incident response challenges
    • Changes security teams must make

    🔗 Read now: bit.ly/3QvrWzj

  20. Security researchers built a fake AI agent skill and got it past every major security scanner, reaching 26,000 agents. The skill appeared safe during scans but swapped to a malicious URL after approval, showing how easily AI agents can be compromised. thenextweb.com/news/fake-ai-ag #Tech #Startup #News #AISecurity

  21. Security researchers built a fake AI agent skill and got it past every major security scanner, reaching 26,000 agents. The skill appeared safe during scans but swapped to a malicious URL after approval, showing how easily AI agents can be compromised. thenextweb.com/news/fake-ai-ag #Tech #Startup #News #AISecurity

  22. AI-assisted development is moving fast, and AppSec has to move with it.

    Shoutout to Symbiotic Security, a Silver Sponsor of AppSec Village, for supporting the community and the conversations around securing AI-generated code.

    Check them out: buff.ly/V8U1caS

    #AppSec #AISecurity #SecureCoding

  23. AI-assisted development is moving fast, and AppSec has to move with it.

    Shoutout to Symbiotic Security, a Silver Sponsor of AppSec Village, for supporting the community and the conversations around securing AI-generated code.

    Check them out: buff.ly/V8U1caS

    #AppSec #AISecurity #SecureCoding

  24. Explore how policy-driven security in Kubernetes AI platforms enforces governance using RBAC, Kyverno, OPA, and CI/CD automation to build secure AI systems. hackernoon.com/policy-driven-s #aisecurity

  25. Explore how policy-driven security in Kubernetes AI platforms enforces governance using RBAC, Kyverno, OPA, and CI/CD automation to build secure AI systems. hackernoon.com/policy-driven-s #aisecurity

  26. Been spending some time auditing an AI agent framework.

    Not the usual kind of security review — more like: what happens when you map trust boundaries across an architecture where the "user" and the "agent" both have tool access, code execution, and autonomy.

    Going through it systematically. Learning a lot about what makes agent security different — and what stays the same.

    #AI #AISecurity #CyberSecurity #AgentSecurity #AppSec #SecurityEngineering

  27. Been spending some time auditing an AI agent framework.

    Not the usual kind of security review — more like: what happens when you map trust boundaries across an architecture where the "user" and the "agent" both have tool access, code execution, and autonomy.

    Going through it systematically. Learning a lot about what makes agent security different — and what stays the same.

    #AI #AISecurity #CyberSecurity #AgentSecurity #AppSec #SecurityEngineering

  28. MEDIUM severity: Security-tool analysis shows AI alert tools in SOCs struggle with complex, evolving data and legacy systems. Neurosymbolic AI can enhance adaptability and auditability — no CVE, but operational risk remains. Details: radar.offseq.com/threat/why-yo #OffSeq #SOC #AIsecurity

  29. AI code scanner matched humans on every critical/high bug in 1,000+ codebases. Not a direct vuln, but signals a shift in code review practices. No affected systems listed. Benchmark details: radar.offseq.com/threat/an-ai- #OffSeq #AIsecurity #AppSec #ThreatIntel

  30. 🚀🕵️‍♂️ When 2,000 wannabe hackers stormed the gates of an AI assistant, they ended up with... nothing. 💥 Witness the riveting tale of an AI that valiantly defended its secrets, while a crowd of bored techies scratched their heads. 🤖🔐
    fernandoi.cl/posts/hackmyclaw/ #AIsecurity #wannabehackers #technews #cybersecurity #innovation #HackerNews #ngated

  31. 🚀🕵️‍♂️ When 2,000 wannabe hackers stormed the gates of an AI assistant, they ended up with... nothing. 💥 Witness the riveting tale of an AI that valiantly defended its secrets, while a crowd of bored techies scratched their heads. 🤖🔐
    fernandoi.cl/posts/hackmyclaw/ #AIsecurity #wannabehackers #technews #cybersecurity #innovation #HackerNews #ngated

  32. CLTCC Cybersecurity Program @cltcccybersecurity.wordpress.com@cltcccybersecurity.wordpress.com ·

    While You Sleep, This AI is Working: The Cybersecurity Reality No One is Telling You

    If you still think ChatGPT is just a tool for answering questions or drafting emails, you are already falling behind. Artificial Intelligence has officially shifted from reactive to proactive. It doesn't need you to sit at a keyboard anymore. Right now, as you read this, AI agents are working in the background on autopilot—taking action, monitoring schedules, and processing data while human professionals sleep. For a cybersecurity professional, this is a massive shift. Automated threat […]

    cltcccybersecurity.wordpress.c