A critical server-side request forgery flaw (CVE-2026-33626, CVSS 9.1) in LMDeploy allows unauthenticated attackers to make arbitrary internal network requests through AI inference servers. Upgrade to version 0.7.3 immediately.
Microsoft has embedded Anthropic’s Claude Mythos Preview into its Security Development Lifecycle. The AI has already found thousands of zero-day vulnerabilities including a 27-year-old OpenBSD flaw.
Anthropic Claude Mythos Preview found 271 security vulnerabilities in Mozilla Firefox in a single evaluation pass. All bugs are patched in Firefox 150. Here is the full breakdown.
A small group of unauthorized users accessed Anthropic’s Mythos AI — the cybersecurity model deemed too dangerous to release publicly — by exploiting a third-party contractor’s credentials. Anthropic is now investigating. Here’s the full breakdown of how it happened, who they are, and why this could be the most dangerous AI breach yet.