VulnHub

A researcher has revealed a new attack method called 'Comment and Control' that targets AI systems like Claude Code, Gemini CLI, and GitHub Copilot Agents. This technique exploits prompt injection vulnerabilities through comments in code, allowing attackers to manipulate the AI's responses. The implications of this vulnerability are significant, as it could lead to unintended actions by the AI, potentially compromising the integrity of code generation and automation tools widely used in software development. Developers and organizations utilizing these AI tools should be aware of this risk and take necessary precautions to safeguard their systems. As AI becomes more integrated into development workflows, understanding and mitigating such vulnerabilities is crucial.

A serious vulnerability has been discovered in nginx-ui, which could allow attackers to manipulate NGINX configuration files. This flaw has a near-maximum severity rating, meaning it poses a significant risk to users of the software. Attackers can exploit this weakness to restart, create, modify, or delete configuration files, potentially disrupting web services and compromising server security. This vulnerability affects anyone using nginx-ui, making it crucial for system administrators to take action. The situation is urgent as it could lead to unauthorized access and control over server configurations.

A report detailing the state of cybersecurity threats to industrial automation systems in Q4 2025 reveals concerning trends in malware and infection vectors. Researchers identified various types of malware that are increasingly targeting these systems, affecting industries across different regions. The report emphasizes that many organizations remain vulnerable due to outdated security measures and a lack of awareness about emerging threats. This situation puts critical infrastructure at risk, potentially leading to operational disruptions and safety hazards. Companies are urged to enhance their cybersecurity protocols and invest in better defenses to protect against these sophisticated attacks.

OpenAI is enhancing its cybersecurity efforts by expanding its Trusted Access for Cyber (TAC) program, which now aims to provide thousands of verified cybersecurity professionals with prioritized access to advanced AI tools. This expansion includes the introduction of GPT-5.4-Cyber, a specialized version of their AI designed to assist in identifying and addressing vulnerabilities in critical software. The initiative focuses on empowering defenders who are responsible for protecting software systems from potential attacks. By equipping these professionals with better resources, OpenAI hopes to improve the speed and effectiveness of vulnerability management. This move is significant as it addresses the ongoing challenge of staying ahead of attackers in the cybersecurity landscape.

The Cloud Security Alliance has issued a warning about a significant change in how quickly vulnerabilities can be exploited. Researchers are particularly concerned about Anthropic’s Claude Mythos, an AI system capable of autonomously identifying thousands of zero-day vulnerabilities in popular operating systems and web browsers. It doesn't just find these flaws; it also creates working exploits without any human intervention. This rapid pace of exploit development poses a challenge for organizations that rely on traditional patch cycles, as the time to fix vulnerabilities is shrinking. Companies will need to adapt their security strategies to keep up with this evolving threat landscape.

A serious vulnerability identified as CVE-2026-5194 has been found in wolfSSL, affecting a vast array of devices, including Internet of Things (IoT) devices, routers, and military systems. This flaw allows attackers to forge digital identities, which poses a significant risk to the security of billions of devices globally. Users and organizations utilizing wolfSSL should promptly update to version 5.9.1 to mitigate this risk. The widespread impact of this vulnerability emphasizes the importance of regular software updates to maintain security across various platforms. Failure to address this issue could lead to unauthorized access and potential exploitation of sensitive systems.

Two serious vulnerabilities have been found in Composer, a popular package manager for PHP, which could allow attackers to execute arbitrary commands on affected systems. These flaws specifically target the Perforce VCS driver, raising concerns for developers and organizations that rely on this tool for managing PHP packages. If exploited, these vulnerabilities could lead to unauthorized access and control over systems using the affected versions. Users need to act quickly to apply the patches released to secure their environments and protect sensitive data from potential breaches. The vulnerabilities highlight the importance of maintaining updated software to mitigate risks.

RCI Hospitality, a major player in the nightclub industry, has reported a data breach due to an IDOR (Insecure Direct Object Reference) vulnerability in RCI Internet Services. This security flaw exposed sensitive contractor data, potentially affecting individuals associated with the company. The breach was disclosed in a filing with the Securities and Exchange Commission (SEC), indicating that the company is taking the matter seriously. This incident raises concerns about data security in the hospitality sector, as breaches can lead to identity theft and other malicious activities. Stakeholders will need to monitor the situation closely as RCI investigates the extent of the exposure and implements necessary safeguards.