{"uuid": "138f4a71-b8e7-4323-9ab0-ff749fd7ff47", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2026-39987", "type": "published-proof-of-concept", "source": "https://t.me/bhhub/1196", "content": "Weekly 8 AI &amp; Cyber signals to act on (May 29\u2013 June 5)\n\n#AISecurity@bhhub \n\n\u2728AI Agents Enable Adaptive Computer Worms \u2014 University of Toronto / Vector Institute\nURL\nCleverHans Lab published a proof-of-concept worm powered by a locally-run open-weight LLM that adaptively chose its own attack strategy per target and breached 73% of a 33-node simulated corporate network in one week with zero human involvement \u2014 and ran entirely on stolen compute, making the attacker's marginal cost per infection zero.\n\n\u2728 First Confirmed Real-World LLM-Agent Intrusion \u2014 Sysdig TRT (via Marimo CVE-2026-39987)\nURL\nSysdig's threat research team documented the first publicly confirmed intrusion where an LLM agent drove the entire post-exploitation chain autonomously \u2014 CVE-2026-39987 (Marimo notebook RCE) to internal PostgreSQL database dump across 4 network pivots in under one hour, with the bastion phase taking under 2 minutes.\n\n\u2728 Bleeding Llama \u2014 CVE-2026-7482: Unauthenticated Heap Memory Leak in Ollama Exposes 300,000 Servers\nURL\nA heap out-of-bounds read in Ollama's GGUF model loader (CVSS 9.1) lets any unauthenticated attacker drain the entire Ollama process heap \u2014 system prompts, user chat fragments, env vars containing API keys, and PII \u2014 in three API calls that leave no error in logs, affecting an estimated 300,000 internet-exposed servers.\n\n#AppSec@bhhub \n\n\u2728 Microsoft Build 2026 \u2014 AI Code, Agent, and Model Security Tooling for Developers\nURL\nMicrosoft announced a suite of shift-left AppSec capabilities at Build 2026 including native Defender Portal \u2192 GitHub Code Security integration that routes MDASH vulnerability findings into developer PR workflows with production-risk context (internet exposure, data sensitivity), plus new pre-deployment tooling to detect potentially compromised or vulnerable AI models before they ship.\n\n\u2728 Anthropic Expands Project Glasswing to 150 Organizations in 15+ Countries\nURL\nAnthropic scaled its Claude Mythos vulnerability-hunting program to ~150 new organizations across critical infrastructure sectors in 15+ countries \u2014 cohort-one partners found 10,000+ high/critical vulns; the subsequent month's expanded cohort found 23,000 more, &gt;25% rated high or critical, surfacing a new bottleneck: patch bandwidth, not discovery.\n\n#RedTeam@bhhub \n\n\u2728 OWASP AI &amp; Agentic Red Teaming Landscape Q2 2026 + Agentic Research Council Launch\nURL\nOWASP released the first standardized landscape of AI and agentic red teaming tools and simultaneously launched the Agentic Research Council \u2014 a standing coordinated-research body \u2014 to close the gap between fast-moving agentic capabilities and security research, identifying that standard pentesting cycles cannot keep pace with environments where the test surface changes between runs.\n\n#BlueTeam@bhhub\n\n\u2728 Microsoft MDASH Exits Preview: 96.55% on CyberGym, 100+ Specialized AI Agents\nURL\nMicrosoft's multi-agent agentic security scanner (MDASH) exited preview at Build 2026 scoring 96.55% on UC Berkeley's CyberGym benchmark \u2014 up ~10 points in under three weeks \u2014 finding 21 of 21 planted vulnerabilities with zero false positives across confirmed MSRC cases, using 100+ specialized auditor, debater, and prover agents.\n\n\u2728 Anthropic Claude Compliance API \u2014 28 Enterprise Security Integrations Route AI Activity Into SIEM, DLP, and SOC\nURL\nAnthropic launched a Claude Compliance API giving enterprise security teams programmatic access to Claude conversation content and activity event logs, with 28 integrations already live across SIEM, DLP, SASE, identity, eDiscovery, and AI-SPSM platforms \u2014 including CrowdStrike Falcon, Palo Alto Networks, Microsoft Purview, Splunk, Wiz, Zscaler, and Varonis.", "creation_timestamp": "2026-07-12T06:00:05.785436Z"}