AISecHub
Powered by InnovGuard.com | Business inquiries: https://calendly.com/innovguard/meeting | tal.eliyahu@innovguard.com
Country not specified | Technology and apps
28 429
2 451
Subscribers
-1 in 24 hours
+18 in 7 days
+146 in 30 days
Subscriber attraction
| Month | Subscribers attracted | Channels |
| June '26 | +48 | 3 |
| May '26 | +163 | 4 |
| April '26 | +100 | 2 |
| March '26 | +192 | 3 |
| February '26 | +239 | 5 |
| January '26 | +394 | 4 |
| December '25 | +204 | 4 |
| November '25 | +140 | 4 |
| October '25 | +167 | 3 |
| September '25 | +270 | 1 |
| August '25 | +95 | 1 |
| July '25 | +93 | 2 |
| June '25 | +68 | 1 |
| May '25 | +375 | 3 |
| April '25 | +43 | 2 |
| March '25 | +735 | 1 |
| Date | Subscribers attracted | Mentions | Channels |
| 15 June | 0 | | |
| 14 June | +2 | | |
| 13 June | +6 | | |
| 12 June | +1 | | |
| 11 June | +1 | | |
| 10 June | +7 | | |
| 09 June | +4 | | |
| 08 June | +4 | | |
| 07 June | +1 | | |
| 06 June | 0 | | |
| 05 June | +2 | | |
| 04 June | +5 | | |
| 03 June | +6 | | |
| 02 June | +4 | | |
| 01 June | +5 | | |
Channel posts
| 2 | https://github.com/SnailSploit/Claude-Red | 184 |
| 3 | No text... | 215 |
| 4 | OpenSSL RCE via PKCS7/SMIME — Affects AI Infrastructure
Crafted PKCS7 or S/MIME messages can trigger remote code execution in OpenSSL. Affects every AI system processing signed external content — model serving endpoints, agent-to-agent channels, MCP servers using TLS.
#CriticalInfrastructure #RCE #AISecurity
https://openssl-library.org/news/secadv/20260609.txt | 1 |
| 5 | Anthropic Vulnerability Disclosure Ledger — AI-Assisted Discovery at Scale
Anthropic launched a public disclosure ledger for Glasswing/Mythos findings. 23,019 candidates generated, only 1,596 reached maintainers, 27 fixed vs. 88 claimed advisories, 168 findings approaching 90-day deadline. First public window into AI-assisted vuln discovery at scale.
#AIVulnerabilityDiscovery #Governance #AISecurity
https://www.vulncheck.com/blog/anthropic-ledger | 1 |
| 6 | Pipecat AI Framework Path Traversal — CVE-2026-44716
High-severity path traversal in Pipecat, an AI framework for building real-time voice and video agents. Allows unauthorized file access. Upgrade to 1.2.0+.
#AIFramework #Vulnerability #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 1 |
| 7 | vLLM Unbounded Frame DoS — CVE-2026-5497
High-severity denial-of-service in vLLM — the most popular open-source LLM serving engine. Can crash production inference endpoints. Patch pending.
#AIInfrastructure #DoS #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 1 |
| 8 | Langflow Path Traversal Actively Exploited — CVE-2026-5027
Path traversal in Langflow — a popular low-code AI application builder — allows arbitrary file write on exposed servers. Active exploitation confirmed. AI development platforms increasingly targeted as supply chain attack vectors.
#AIDevPlatform #Vulnerability #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 1 |
| 9 | LiteLLM Command Injection Added to CISA KEV — CVE-2026-42271
CISA added BerriAI LiteLLM — a widely deployed AI/ML API gateway — to the Known Exploited Vulnerabilities catalog. Any authenticated user can execute arbitrary commands on the host. Federal agencies must patch by June 22.
#AIInfrastructure #CISA #KEV #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 52 |
| 10 | Hugging Face Transformers RCE — CVE-2026-4372
Remote code execution via malicious AI model configuration files in the Hugging Face Transformers library. Attacker can craft a model config that executes arbitrary code when loaded — direct AI supply chain attack vector through poisoned models on Hugging Face Hub.
#AISupplyChain #Vulnerability #CVE #AISecurity
https://www.esecurityplanet.com/threats/hugging-face-vulnerability-allows-remote-code-execution/ | 278 |
| 11 | OpenClaw AI Agent Exploited via vCards and Location Pins — Code Execution + Data Exfiltration
Imperva and Varonis demonstrated that OpenClaw executes attacker-controlled code and leaks secrets via ordinary-looking inputs. Malicious instructions buried inside shared contacts, vCards, and location pins — the agent executed them without the victim seeing the payload.
#AIAgentSecurity #PromptInjection #IndirectInjection #AISecurity
https://thehackernews.com/2026/06/new-attacks-trick-openclaw-ai-agent.html | 237 |
| 12 | Claude Fable 5 Jailbroken Within Hours of Release — Safety Classifier Bypassed
Anthropic's first Mythos-class model — with dedicated safety classifier and 1,000+ hours of red-teaming — was jailbroken within hours via multi-agent decomposition: breaking harmful requests into innocuous subtopics and reassembling outputs. Produced stack buffer overflow exploit code and chemical synthesis walkthroughs.
#ModelSafety #Jailbreak #RedTeaming #AISecurity
https://cyberpress.org/claude-fable-5-jailbreak/ | 206 |
| 13 | MCP Security Crisis — 40+ CVEs, 106 Zero-Days, NSA Advisory
Model Context Protocol ecosystem: 40+ confirmed CVEs, 106 zero-days found by automated scanning (VIPER-MCP), 40% of internet-exposed servers have no authentication, NSA published formal advisory. OX Security's STDIO command injection flaw affects 150M+ downloads. Fastest-growing attack surface in AI security.
#MCPSecurity #AIAgentInfrastructure #ZeroDay #AISecurity
https://chatforest.com/builders-log/mcp-security-crisis-2026-unauthenticated-servers-viper-nsa-owasp-builder-guide | 2 |
| 14 | OpenSSL RCE via PKCS7/SMIME — Affects AI Infrastructure
Crafted PKCS7 or S/MIME messages can trigger remote code execution in OpenSSL. Affects every AI system processing signed external content — model serving endpoints, agent-to-agent channels, MCP servers using TLS.
#CriticalInfrastructure #RCE #AISecurity
https://openssl-library.org/news/secadv/20260609.txt | 3 |
| 15 | Anthropic Vulnerability Disclosure Ledger — AI-Assisted Discovery at Scale
Anthropic launched a public disclosure ledger for Glasswing/Mythos findings. 23,019 candidates generated, only 1,596 reached maintainers, 27 fixed vs. 88 claimed advisories, 168 findings approaching 90-day deadline. First public window into AI-assisted vuln discovery at scale.
#AIVulnerabilityDiscovery #Governance #AISecurity
https://www.vulncheck.com/blog/anthropic-ledger | 3 |
| 16 | Pipecat AI Framework Path Traversal — CVE-2026-44716
High-severity path traversal in Pipecat, an AI framework for building real-time voice and video agents. Allows unauthorized file access. Upgrade to 1.2.0+.
#AIFramework #Vulnerability #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 1 |
| 17 | vLLM Unbounded Frame DoS — CVE-2026-5497
High-severity denial-of-service in vLLM — the most popular open-source LLM serving engine. Can crash production inference endpoints. Patch pending.
#AIInfrastructure #DoS #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 4 |
| 18 | Langflow Path Traversal Actively Exploited — CVE-2026-5027
Path traversal in Langflow — a popular low-code AI application builder — allows arbitrary file write on exposed servers. Active exploitation confirmed. AI development platforms increasingly targeted as supply chain attack vectors.
#AIDevPlatform #Vulnerability #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 2 |
| 19 | LiteLLM Command Injection Added to CISA KEV — CVE-2026-42271
CISA added BerriAI LiteLLM — a widely deployed AI/ML API gateway — to the Known Exploited Vulnerabilities catalog. Any authenticated user can execute arbitrary commands on the host. Federal agencies must patch by June 22.
#AIInfrastructure #CISA #KEV #AISecurity
https://threat-modeling.com/vulnerability-intelligence-report-june-12-2026/ | 1 |
| 20 | Hugging Face Transformers RCE — CVE-2026-4372
Remote code execution via malicious AI model configuration files in the Hugging Face Transformers library. Attacker can craft a model config that executes arbitrary code when loaded — direct AI supply chain attack vector through poisoned models on Hugging Face Hub.
#AISupplyChain #Vulnerability #CVE #AISecurity
https://www.esecurityplanet.com/threats/hugging-face-vulnerability-allows-remote-code-execution/ | 1 |
