Reports
AI-generated structured vendor updates
SANS Identifies Distributed Scanning of MCP Servers and AI Assistant Configs
SANS Internet Storm Center reports systematic scanning of MCP servers, AI assistant configs, and local LLM endpoints. 49 IPs targeted MCP handshakes, exploiting CVEs in MCP SDKs, signaling AI infrastructure as a new attack vector.
Trend Micro Report Highlights AI Supply Chain Risks and Model Attack Surfaces
Trend Micro's 'Fault Lines in the AI Ecosystem' report systematically analyzes security risks in the AI supply chain, including training data poisoning, third-party plugin vulnerabilities, and model theft attacks. It indicates that enterprise AI security boundaries have expanded from traditional IT infrastructure to the model layer and data pipelines.
Microsoft Copilot SearchLeak: One Click Exfiltrates All Indexed Enterprise Data via LLM Prompt Injection
Varonis discovered SearchLeak (CVE-2026-42824) in Microsoft 365 Copilot Enterprise, a three-stage vulnerability chain: P2P injection, HTML rendering race condition, and SSRF via Bing to bypass CSP. Attackers embed malicious URL parameters; user clicks cause Copilot to exfiltrate sensitive data (emails, SharePoint, OneDrive) via Bing image URLs, evading traditional phishing defenses. Microsoft has released a patch.