Research

Research publications from the CSA AI Safety Initiative for June 2026, produced by the AWESOM-Orbert 4000 automated research pipeline. Papers are available as web pages and downloadable PDFs.

Prior Months:
May 2026  •  April 2026  •  March 2026

White Papers (6)  |  Research Notes (38)  |  CISO Briefings (9)

📄 White Papers

Hidden Nodes: AI Scraping SDKs as Enterprise Attack Vectors

2026-06-08

Hidden Nodes: AI Scraping SDKs as Enterprise Attack Vectors Executive Summary The infrastructure powering AI model training has a hidden layer that few enterprise security teams have considered: milli…

The AI SOC Investment Paradox

2026-06-07

The AI SOC Investment Paradox Executive Summary The security industry is confronting a measurable paradox.

EU Tech Sovereignty: Cloud Concentration Risk and the Compliance Cascade

2026-06-05

EU Tech Sovereignty: Cloud Concentration Risk and the Compliance Cascade Executive Summary The European Commission’s June 2026 European Technological Sovereignty Package represents the EU’…

The Exploitation Time Collapse

2026-06-04

The Exploitation Time Collapse Executive Summary Patch management has functioned as the cornerstone of enterprise vulnerability programs for three decades.

LLM Agents as Offensive Post-Exploitation Tools

2026-06-01

LLM Agents as Offensive Post-Exploitation Tools Attack Patterns, Threat Taxonomy, and Enterprise Defenses Cloud Security Alliance AI Safety Initiative Version 1.0 | June 2026 — Executive Summary…

Research Archive — May 2026

2026-06-01

Research publications from the CSA AI Safety Initiative for May 2026, produced by the AWESOM-Orbert 4000 automated research pipeline. Papers are available as web pages and downloadable PDFs. White Pap…

🔬 Research Notes

State Media in AI Training Data: Geopolitical Bias as Enterprise Risk

2026-06-09

State Media in AI Training Data: Geopolitical Bias as Enterprise Risk Key Takeaways A peer-reviewed study published in Nature in May 2026 has put empirical numbers to a risk that has long been assumed…

EU AI Act Digital Omnibus: Enterprise Risk Recalibration

2026-06-09

EU AI Act Digital Omnibus: Enterprise Risk Recalibration Key Takeaways On May 7, 2026, negotiators from the European Council, European Parliament, and European Commission reached a provisional politic…

LiteLLM RCE Chain: AI Gateway Under Active Exploitation

2026-06-09

LiteLLM RCE Chain: AI Gateway Under Active Exploitation Key Takeaways Two vulnerabilities, individually moderate to high in severity, are being chained in the wild to achieve unauthenticated remote co…

Miasma and IronWorm: Self-Replicating Worms Targeting AI Credentials

2026-06-09

Miasma and IronWorm: Self-Replicating Worms Targeting AI Credentials Key Takeaways During the week of June 1–5, 2026, two self-replicating supply chain worms—Miasma and IronWorm—emerged from the npm e…

AI Finds 21 FFmpeg Zero-Days for $1,000

2026-06-09

AI Finds 21 FFmpeg Zero-Days for $1,000 Key Takeaways Depthfirst, a security startup, used an autonomous AI agent built on commercially available Claude models to discover 21 previously unknown vulner…

NIST AI Consortium: From Safety Testing to Measurement Science

2026-06-08

NIST AI Consortium: From Safety Testing to Measurement Science Key Takeaways On May 29, 2026, NIST renamed the AI Safety Institute Consortium (AISIC) to the NIST Artificial Intelligence Consortium, re…

VerdantBamboo Deploys BRICKSTORM BSD Variant on Linux Appliances

2026-06-08

VerdantBamboo Deploys BRICKSTORM BSD Variant on Linux Appliances Key Takeaways On June 4, 2026, Volexity published findings documenting VerdantBamboo—a China-nexus espionage group tracked by Microsoft…

Project Glasswing: AI Discovery Outpaces Open Source Patching Capacity

2026-06-08

Key Takeaways Project Glasswing, Anthropic’s coordinated AI vulnerability research initiative, deployed Claude Mythos Preview alongside twelve major technology partners in April 2026 and identif…

Silent Ransom Group: Vishing and Physical Intrusion at Law Firms

2026-06-08

Silent Ransom Group: Vishing and Physical Intrusion at Law Firms Key Takeaways UNC3753 (also tracked as Silent Ransom Group, Luna Moth, and Chatty Spider) has conducted a sustained and expanding data …

AI Agent Prompt Injection: The New CI/CD Supply Chain Threat

2026-06-07

AI Agent Prompt Injection: The New CI/CD Supply Chain Threat Key Takeaways Anthropic’s Claude Code GitHub Action contained a critical permission bypass (CVSS 4.0: 7.8) in which the function unco…

Reforming Coordinated Vulnerability Disclosure for the Autonomous Bug Hunter Era

2026-06-07

Reforming Coordinated Vulnerability Disclosure for the Autonomous Bug Hunter Era Key Takeaways Autonomous AI systems are now discovering valid, high-severity software vulnerabilities at a scale and sp…

AI Finds 21 FFmpeg Zero-Days for $1,000

2026-06-07

AI Finds 21 FFmpeg Zero-Days for $1,000 Key Takeaways Autonomous security startup depthfirst disclosed on June 6, 2026 that its AI agent discovered 21 previously unknown vulnerabilities in FFmpeg—the …

OP-512: China-Linked IIS Web Shell Espionage Campaign

2026-06-07

OP-512: China-Linked IIS Web Shell Espionage Campaign Key Takeaways ReliaQuest disclosed OP-512 on June 5, 2026 — a newly tracked China-linked threat cluster targeting Microsoft Internet Information S…

IronWorm: eBPF Rootkit and Tor C2 Target npm Supply Chain

2026-06-07

IronWorm: eBPF Rootkit and Tor C2 Target npm Supply Chain Key Takeaways IronWorm is a Rust-built infostealer worm discovered in early June 2026 that spread across 37 npm packages from a compromised ac…

EU CADA: Enterprise Sovereignty Compliance for Cloud AI

2026-06-06

EU CADA: Enterprise Sovereignty Compliance for Cloud AI Key Takeaways The European Commission’s Cloud and AI Development Act (CADA), formally proposed on June 3, 2026, introduces the first EU-wi…

The AI Agent Lethal Trifecta

2026-06-06

The AI Agent Lethal Trifecta Key Takeaways An independent assessment of 100 commercial and publicly available production AI agents (AI Risk Quadrant Q2 2026) found that only 11 percent pass a baseline…

Codex Compromised: npm Supply Chain Steals AI Developer Tokens

2026-06-06

Codex Compromised: npm Supply Chain Steals AI Developer Tokens Key Takeaways Aikido Security disclosed on May 27, 2026 that the npm package — a remote web UI for OpenAI Codex with approximately 29,000 …

ChatGPhish: When AI Summaries Become Phishing Lures

2026-06-06

ChatGPhish: When AI Summaries Become Phishing Lures Key Takeaways ChatGPhish, disclosed by Permiso researcher Andi Ahmeti on May 29, 2026, demonstrates that a web page under an attacker’s contro…

Marimo RCE: LLM Agents as Post-Exploitation Tools

2026-06-06

Marimo RCE: LLM Agents as Post-Exploitation Tools Key Takeaways CVE-2026-39987, a pre-authentication remote code execution flaw in the Marimo reactive Python notebook platform (CVSS 9.8 / v3.1; 9.3 / …

AIUC-1 Q2 Refresh: MCP Security and Agent Identity Controls

2026-06-05

AIUC-1 Q2 Refresh: MCP Security and Agent Identity Controls Key Takeaways The AIUC-1 Q2 2026 quarterly release (effective April 15, 2026) modified 14 requirements and added 23 controls, with Model Con…

Cisco SD-WAN Zero-Day: Unpatched Root Privilege Escalation

2026-06-05

Cisco SD-WAN Zero-Day: Unpatched Root Privilege Escalation Key Takeaways Cisco disclosed CVE-2026-20245 on June 5, 2026 — an unpatched privilege escalation vulnerability in Cisco Catalyst SD-WAN Manag…

PCPJack: Cloud Worm Builds Covert SMTP Relay Network

2026-06-05

PCPJack: Cloud Worm Builds Covert SMTP Relay Network Key Takeaways SentinelOne published a technical analysis of PCPJack on May 7, 2026, documenting a modular credential theft framework that propagate…

CIRCIA June 18: Last Call for Cloud and AI Providers

2026-06-04

CIRCIA June 18: Last Call for Cloud and AI Providers Key Takeaways June 18, 2026 is the last scheduled formal input opportunity in the current town hall series. CISA’s final CIRCIA town hall — d…

AI-Adaptive Worms: Autonomous Exploitation of Post-Cutoff CVEs

2026-06-04

AI-Adaptive Worms: Autonomous Exploitation of Post-Cutoff CVEs Key Takeaways On June 2, 2026, researchers from the University of Toronto, Vector Institute, and University of Cambridge published a prep…

VS Code Zero-Day: One-Click GitHub Token Theft

2026-06-04

VS Code Zero-Day: One-Click GitHub Token Theft Key Takeaways Security researcher Ammar Askar publicly disclosed a zero-day vulnerability in github.dev, GitHub’s browser-hosted Visual Studio Code…

HTTP/2 Bomb: AI-Discovered DoS Hits Every Major Web Server

2026-06-04

HTTP/2 Bomb: AI-Discovered DoS Hits Every Major Web Server Key Takeaways Researcher Quang Luong at offensive security firm Calif, working with OpenAI’s Codex AI model, identified a novel denial-…

The Hollowing of CISA: Attrition, Credential Exposure, and Defense Risk

2026-06-03

Key Takeaways A Nightwing contractor maintained a public GitHub repository named “Private-CISA” that exposed administrative AWS GovCloud credentials, plaintext passwords for dozens of inte…

NIST AI Consortium: New TEVV Standards for Enterprise Compliance

2026-06-03

NIST AI Consortium: New TEVV Standards for Enterprise Compliance Key Takeaways The May 2026 restructuring of the NIST AI Consortium represents the most substantial reorganization of U.S.

Miasma: Red Hat npm Supply Chain Worm

2026-06-03

Miasma: Red Hat npm Supply Chain Worm Key Takeaways On June 1, 2026, researchers at Wiz and multiple concurrent firms identified a supply chain compromise affecting at least 32 packages under the npm …

Helpdesk Hijack

2026-06-03

Helpdesk Hijack Key Takeaways Over the weekend of May 31–June 1, 2026, threat actors exploited Meta’s AI support assistant to seize high-profile Instagram accounts — including a former Obama Whi…

The Attacker’s Coding Partner: AI-Assisted Ransomware Development

2026-06-03

The Attacker’s Coding Partner: AI-Assisted Ransomware Development Key Takeaways Large language models are now documented participants in the ransomware development lifecycle.

The Vibe Coding Governance Gap

2026-06-02

The Vibe Coding Governance Gap Key Takeaways Vibe coding—the practice of building functional software by directing AI models in natural language without reading or understanding the generated code—has…

ChatGPhish: When Any Web Page Becomes a Phishing Lure

2026-06-02

ChatGPhish: When Any Web Page Becomes a Phishing Lure Key Takeaways ChatGPhish is a Cross-Site Prompt Injection Attack (XPIA) disclosed by Permiso Security on May 29, 2026, that exploits ChatGPT’…

LLM Agents as Active Post-Exploitation Tools

2026-06-02

LLM Agents as Active Post-Exploitation Tools Key Takeaways On May 10, 2026, Sysdig researchers documented the first confirmed wild intrusion in which an LLM agent autonomously drove the entire post-ex…

AI Credential Theft via npm Supply Chain Malware

2026-06-02

AI Credential Theft via npm Supply Chain Malware Key Takeaways The codexui-android npm package, accumulating approximately 27,000 to 29,000 weekly downloads before disclosure, executed credential thef…

NIST AI Consortium Expansion: Enterprise Security Governance Implications

2026-06-01

NIST AI Consortium Expansion: Enterprise Security Governance Implications Key Takeaways On May 29, 2026, NIST renamed the AI Safety Institute Consortium (AISIC) to the NIST Artificial Intelligence Con…

AI Developer Supply Chain: OpenAI Codex Token Theft

2026-06-01

AI Developer Supply Chain: OpenAI Codex Token Theft Key Takeaways The npm package, a functional remote web UI for OpenAI Codex CLI with approximately 27,000 to 29,000 weekly downloads, was found to si…

ChatGPhish: AI Assistants as Phishing Infrastructure

2026-06-01

ChatGPhish: AI Assistants as Phishing Infrastructure Key Takeaways Permiso Security’s May 2026 ChatGPhish disclosure demonstrates that any public web page summarized by ChatGPT can inject phishi…

🛡️ CISO Briefings

CISO Daily Briefing – June 9, 2026

2026-06-09

CISO Daily Briefing Cloud Security Alliance — AI Safety Initiative Intelligence Report Report Date June 9, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 5…

ALT CISO Daily Briefing – June 9, 2026

2026-06-09

CISO Daily Briefing ALT CISO BRIEFING Cloud Security Alliance AI Safety Initiative — Decision-Oriented Intelligence Report Report Date June 9, 2026 Intelligence Window 48 Hours Priority Items 5 Actiona…

CISO Daily Briefing – June 8, 2026

2026-06-08

CISO Daily Briefing Cloud Security Alliance Intelligence Report Report Date June 8, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 3 Overnight Executive Summary …

CISO Daily Briefing – June 7, 2026

2026-06-07

CISO Daily Briefing Cloud Security Alliance Intelligence Report Report Date June 7, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 5 Overnight Executive Summary …

CISO Daily Briefing – June 5, 2026

2026-06-05

CISO Daily Briefing Cloud Security Alliance Intelligence Report Report Date June 5, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 3 Overnight Executive Summary …

CISO Daily Briefing – June 4, 2026

2026-06-04

CISO Daily Briefing Cloud Security Alliance Intelligence Report Report Date June 4, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 5 Overnight CRITICAL: Peer-rev…

CISO Daily Briefing – June 3, 2026

2026-06-03

CISO Daily Briefing Cloud Security Alliance — AI Safety Initiative Intelligence Report Report Date June 3, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 3…

CISO Daily Briefing – June 2, 2026

2026-06-02

CISO Daily Briefing Cloud Security Alliance — AI Safety Initiative Intelligence Report Report Date June 2, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 3…

CISO Daily Briefing – June 1, 2026

2026-06-01

CISO Daily Briefing Cloud Security Alliance — AI Safety Initiative Intelligence Report Report Date June 1, 2026 Intelligence Window 48 Hours Topics Identified 5 Priority Items Papers Published 3…

Last updated: 2026-06-09 06:54 UTC