#security

A post in r/artificial amplified an Ars Technica report on LLM-driven deanonymization research, including results up to 68% recall and 90% precision across multiple social datasets.

Cloud Imperium Games disclosed that attackers accessed some backup systems on January 21, 2026, with exposure limited to basic account information. The company says no passwords or payment data were affected and that it has no current evidence of public data release.

A February 28, 2026 Hacker News thread discussed NanoClaw’s security model, emphasizing untrusted-agent assumptions, per-agent isolation, and limits of prompt-level safeguards.

OpenAI and Paradigm launched EVMbench, a benchmark for AI agent performance on smart contract detection, patching, and exploitation tasks. OpenAI reports GPT-5.3-Codex scored 72.2% in exploit mode versus 31.9% for GPT-5.

A high-ranking Hacker News thread amplified a Truffle Security report arguing that legacy Google API keys can become high-impact credentials when Gemini APIs are enabled. The post highlights exposure scale claims and concrete key-hardening steps.

OpenAI introduced EVMbench, a new benchmark measuring how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities in EVM-based blockchains.

OpenAI introduced EVMbench, a new benchmark measuring how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities in EVM-based blockchains.

OpenAI introduced EVMbench, a new benchmark measuring how well AI agents can detect, exploit, and patch high-severity smart contract vulnerabilities in EVM-based blockchains.

Researchers warn that AI-generated fake faces have crossed a critical threshold: they now appear more trustworthy than real human faces, challenging deepfake detection and undermining digital trust.

A software engineer building a custom controller app for his DJI robot vacuum inadvertently discovered a backend security bug using an AI coding assistant that exposed live camera feeds, microphone audio, and floor maps from nearly 7,000 devices across 24 countries.

Claude Code Security, announced February 20, uses AI reasoning to scan codebases for vulnerabilities and found 500+ undetected bugs in production open-source code. Cybersecurity stocks fell sharply on the news.

SecurityScorecard's STRIKE team found 40,214 OpenClaw AI agent instances exposed to the public internet with no authentication. Over 12,000 are vulnerable to Remote Code Execution, and attackers who compromise them inherit full system access including SSH keys, browser sessions, and filesystem control.