AISecHub
Subscribers: 2 496
Attracting Subscribers (subscribers gained through mentions, per month, and the number of channels the mentions came from)

Month           Gained   Mentioning channels
June '26        +108     3
May '26         +163     4
April '26       +100     2
March '26       +192     3
February '26    +239     5
January '26     +394     4
December '25    +204     4
November '25    +140     4
October '25     +167     3
September '25   +270     1
August '25      +95      1
July '25        +93      2
June '25        +68      1
May '25         +375     3
April '25       +43      2
March '25       +735     1
Daily subscriber growth (June '26; the mentions and channels columns carried no data)

Date       Growth
29 June    0
28 June    +3
27 June    +2
26 June    +6
25 June    +1
24 June    +4
23 June    +2
22 June    +4
21 June    +7
20 June    +2
19 June    +2
18 June    +7
17 June    +6
16 June    +12
15 June    +2
14 June    +2
13 June    +6
12 June    +1
11 June    +1
10 June    +7
09 June    +4
08 June    +4
07 June    +1
06 June    0
05 June    +2
04 June    +5
03 June    +6
02 June    +4
01 June    +5
Channel Posts (post number, view count where shown, text)

Post 1: AI Security Newsletter - June 2026. A digest of AI security research, insights, reports, upcoming events, tools, videos, and resources, all in one place. #AIsecurity #AdversarialAI #RedTeamAI #LLMsecurity #AINewsletter https://www.linkedin.com/pulse/ai-security-newsletter-june-2026-tal-eliyahu-rmpwf/

Posts 2-5 (42, 54, 4 and 4 views): media posts without text.

Post 6 (132 views): Big news! I got engaged to my girl today 😎 Now we’re officially combining our token stash.

Post 7 (203 views): Finding bugs is becoming cheaper - https://cyber-biz.com/blog/open-source-security-reset The hard part now is proving that fixes are validated, reviewed, shipped, and actually deployed. GitHub’s fund, Akrites, and Patch the Planet point to the same shift: open source security is moving from vulnerability discovery to repair capacity. Tools like Trivy and KICS show why this matters. Discovery is scaling fast. The bottleneck is now coordinated remediation, verified fixes, and getting patches into the software people actually run.

Posts 8-9 (61 and 52 views): media posts without text.

Post 10 (210 views): GHSA-rp72-5v5q-2446: @cardano402/mcp-server missing spending limits, LAN-exposed HTTP transport, and SSRF via catalog.server.url. The advisory describes three MCP-server trust-boundary failures: payment tool calls can be signed without configurable spending limits, the HTTP transport may be reachable on the LAN, and an attacker-controlled catalog.server.url can drive SSRF-style outbound requests. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-rp72-5v5q-2446
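Two of the three failure classes in post 10, an attacker-controllable outbound URL and payment tool calls with no spending cap, have checks that are simple enough to show in full. The block below is an added example written for this page; it is not code from @cardano402/mcp-server or from the advisory. The allowlist host `catalog.example.com`, the injected `resolver` callable, the amounts in the limiter and the constructed fake DNS mapping are all assumptions of the example.

```python
import ipaddress
from collections import deque
from urllib.parse import urlsplit

# Hypothetical operator allowlist of catalog hosts (an assumption of this example).
ALLOWED_CATALOG_HOSTS = {"catalog.example.com"}


def validate_catalog_url(url, resolver):
    """Return url if it is safe to fetch, otherwise raise ValueError.

    resolver(hostname) -> dotted IP string. It is injected so the example runs
    offline; a real server would pass socket.gethostbyname and then connect to
    the address it validated rather than re-resolving, so a DNS rebinding
    between check and use cannot swap in an internal address.
    """
    parts = urlsplit(url)
    if parts.scheme != "https":
        raise ValueError("catalog URL must use https")
    if parts.username is not None or parts.password is not None:
        raise ValueError("credentials in the catalog URL are not allowed")
    host = (parts.hostname or "").lower()
    if host not in ALLOWED_CATALOG_HOSTS:
        raise ValueError(f"catalog host not in allowlist: {host!r}")
    # Reject loopback, RFC 1918, link-local (cloud metadata) and every other
    # non-global range so an allowlisted name cannot be pointed inward.
    addr = ipaddress.ip_address(resolver(host))
    if not addr.is_global:
        raise ValueError(f"catalog host resolves to non-global address {addr}")
    return url


def is_safe_catalog_url(url, resolver):
    """Boolean wrapper around validate_catalog_url."""
    try:
        validate_catalog_url(url, resolver)
    except ValueError:
        return False
    return True


class SpendingLimiter:
    """Per-call cap plus rolling-window total cap for payment tool calls.

    Amounts are integers in the smallest unit (e.g. lovelace). 'now' is passed
    in as seconds so the behaviour is deterministic and testable.
    """

    def __init__(self, per_call_max, window_max, window_seconds=3600):
        self.per_call_max = per_call_max
        self.window_max = window_max
        self.window_seconds = window_seconds
        self._spent = deque()  # (timestamp, amount), oldest first

    def _prune(self, now):
        # Drop entries that have aged out of the rolling window.
        while self._spent and self._spent[0][0] <= now - self.window_seconds:
            self._spent.popleft()

    def authorize(self, amount, now):
        """Return True and record the spend if both caps allow it, else False."""
        if amount <= 0 or amount > self.per_call_max:
            return False
        self._prune(now)
        if sum(a for _, a in self._spent) + amount > self.window_max:
            return False
        self._spent.append((now, amount))
        return True


if __name__ == "__main__":
    # Constructed fake DNS: the allowlisted host resolves to a public address.
    fake_dns = {"catalog.example.com": "93.184.216.34"}.__getitem__
    for candidate in ("https://catalog.example.com/catalog.json",
                      "http://catalog.example.com/catalog.json",
                      "https://169.254.169.254/latest/meta-data/"):
        print(candidate, "->", is_safe_catalog_url(candidate, fake_dns))
    limiter = SpendingLimiter(per_call_max=1_000_000, window_max=3_000_000)
    print([limiter.authorize(1_000_000, t) for t in range(4)])
```

The URL check deliberately allowlists hosts rather than denylisting addresses: a denylist has to enumerate every internal range, while an allowlist only has to name the catalog the operator actually uses. The limiter keeps both a per-call and a rolling-total cap because a single-call cap alone is defeated by many small calls.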
Posts 11-13 (81, 80 and 80 views): media posts without text.

Post 14 (252 views): CVE-2026-49291: mcp-memory-service OAuth read-only clients can write/delete memories via MCP tools/call. The advisory describes an OAuth scope check placed only at the /mcp JSON-RPC boundary: requests with read scope can still reach tools/call handlers that invoke mutating tools like store_memory and delete_memory, enabling state changes despite “read-only” authorization. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-2r68-g678-7qr3

Post 15 (217 views): CVE-2026-49257: mcp-pinot unauthenticated tool invocation when oauth_enabled defaults to false and binds to 0.0.0.0. The advisory describes a configuration-driven auth bypass: if oauth_enabled is left false and the server listens on 0.0.0.0, remote clients may be able to invoke MCP tools without authentication; the advisory notes a fix in v3.1.0. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-73cv-556c-w3g6

Post 16 (53 views): media post without text.

Post 17 (181 views): CVE-2026-49357: Streamable HTTP mode exposes LINE Desktop MCP read/send tools without authentication. The advisory describes a mode where the MCP server binds to 0.0.0.0 and exposes LINE Desktop read/send tools without MCP authentication, turning network reachability into the effective gate for tool access. #MCP #AgentSecurity #AISecurity #Advisory https://github.com/advisories/GHSA-4hf8-5mjm-rfgq
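Posts 14, 15 and 17 describe two recurring MCP server mistakes: a scope check done once at the transport boundary instead of per tool at tools/call dispatch (post 14), and a transport that binds 0.0.0.0 while authentication is off, so anyone who can reach the port can call tools (posts 15 and 17). The block below is an added example written for this page, not code from mcp-memory-service, mcp-pinot or the LINE Desktop MCP server. The tool names (retrieve_memory, store_memory, delete_memory), the read/write scope model in which write implies read, the loopback-only rule when auth is disabled and the JSON-RPC error codes -32001/-32003 are all assumptions of the example.

```python
import ipaddress

# Hypothetical tool registry: each tool declares the minimum scope it needs.
# The names are modelled on the advisory's memory tools but are assumed here.
TOOL_SCOPES = {
    "retrieve_memory": "read",
    "store_memory": "write",
    "delete_memory": "write",
}
# Assumed scope ordering: "write" is a superset of "read".
SCOPE_RANK = {"read": 1, "write": 2}


def transport_is_safe(bind_host, oauth_enabled):
    """True unless the transport is reachable off-host with auth disabled."""
    addr = ipaddress.ip_address(bind_host)
    return addr.is_loopback or oauth_enabled


def check_transport_config(bind_host, oauth_enabled):
    """Startup guard for the mcp-pinot / LINE Desktop failure mode: a 0.0.0.0
    bind with no MCP authentication makes network reachability the only gate."""
    if not transport_is_safe(bind_host, oauth_enabled):
        raise ValueError(
            f"refusing to bind {bind_host} with authentication disabled; "
            "bind 127.0.0.1 or enable OAuth"
        )


def _error(req, code, message):
    return {"jsonrpc": "2.0", "id": req.get("id"),
            "error": {"code": code, "message": message}}


def _result(req, value):
    return {"jsonrpc": "2.0", "id": req.get("id"), "result": value}


def _has_scope(token_scopes, needed):
    needed_rank = SCOPE_RANK[needed]
    return any(SCOPE_RANK.get(s, 0) >= needed_rank for s in token_scopes)


def dispatch_boundary_only(req, token_scopes):
    """The flawed pattern from post 14: scope is checked once at the /mcp
    boundary, then tools/call runs whatever tool is named, so a read-only
    token can store or delete."""
    if token_scopes is None or not any(s in SCOPE_RANK for s in token_scopes):
        return _error(req, -32001, "authentication required")
    if req.get("method") == "tools/call":
        name = req.get("params", {}).get("name")
        if name not in TOOL_SCOPES:
            return _error(req, -32601, "unknown tool")
        return _result(req, {"content": [{"type": "text", "text": f"{name} executed"}]})
    return _error(req, -32601, "method not found")


def dispatch(req, token_scopes):
    """Hardened dispatcher: every tools/call is checked against the tool's own
    scope, and tools/list only advertises what the token may call.
    token_scopes is None for an unauthenticated request."""
    if token_scopes is None:
        return _error(req, -32001, "authentication required")
    method = req.get("method")
    if method == "tools/list":
        allowed = [t for t, s in TOOL_SCOPES.items() if _has_scope(token_scopes, s)]
        return _result(req, {"tools": [{"name": t} for t in allowed]})
    if method == "tools/call":
        name = req.get("params", {}).get("name")
        needed = TOOL_SCOPES.get(name)
        if needed is None:
            return _error(req, -32601, "unknown tool")
        if not _has_scope(token_scopes, needed):
            return _error(req, -32003, f"tool {name!r} requires scope {needed!r}")
        return _result(req, {"content": [{"type": "text", "text": f"{name} executed"}]})
    return _error(req, -32601, "method not found")


if __name__ == "__main__":
    # Constructed request: a read-scoped client trying a mutating tool.
    call = {"jsonrpc": "2.0", "id": 1, "method": "tools/call",
            "params": {"name": "delete_memory", "arguments": {}}}
    print("boundary-only:", dispatch_boundary_only(call, {"read"}))
    print("per-tool     :", dispatch(call, {"read"}))
    print("bind 0.0.0.0 without auth ok?", transport_is_safe("0.0.0.0", False))
```

The per-tool check lives next to the registry entry rather than in the transport layer, which is what keeps a newly added mutating tool from silently inheriting the boundary's weaker check. The startup guard fails closed: a misconfigured deployment refuses to listen rather than listening unauthenticated.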
Post 18 (177 views): Prompt Injection in Automated Résumé Screening with LLMs (Single and Multi-Injection Settings). Controlled experiments on LLM-based résumé ranking show injection text can bias outcomes most when applicants are similar and only a few inject; as injection becomes common, gains diminish, and in mixed-quality pools it can sometimes let weaker candidates outrank stronger ones. #PromptInjection #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.27287

Post 19 (184 views): Amazon Q Developer MCP Handling Flaw Could Let Malicious Repos Trigger Code Execution. Reportedly, opening and trusting a malicious repo could register/activate attacker-controlled MCP servers via config handling in Amazon Q Developer, allowing the agent to execute commands through its tool interface; Amazon says it has patched the issue. #MCP #AgentSecurity #AISecurity #News https://thehackernews.com/2026/06/amazon-q-developer-flaw-could-let.html

Post 20 (202 views): MIRROR: Novelty-Constrained Memory-Guided MCTS Red-Teaming for Agentic RAG. Describes a red-teaming method for multimodal agentic RAG that uses memory-guided Monte Carlo tree search plus a deterministic novelty gate to prevent retrieval-context copying while generating cross-surface attacks (e.g., poisoning, image injection, orchestrator/tool manipulation). #AgentSecurity #LLMSecurity #AISecurity #Research https://arxiv.org/abs/2606.26793