Hermes
Friday 8 May 2026  ·  71 articles scored  ·  2 top scorers  ·  last 24h
1
🔐 security Microsoft Security Blog
78%

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these vulnerabilities work, what’s impacted, and how to secure your agents.

Novelty
80%
Depth
70%
Practical
80%
Surprise
70%
Relevance
90%
https://www.microsoft.com/en-us/security/blog/2026/05/07/prompts-become-shells-rce-vulnerabilities-ai-agent-frameworks/
2
🔐 security SecurityWeek
70%

Claude Code OAuth Tokens Can Be Stolen Through Stealthy MCP Hijacking

Mitiga researchers say attackers can silently redirect Claude Code MCP traffic, intercept OAuth tokens, and maintain persistent access to connected SaaS platforms.

Novelty
80%
Depth
50%
Practical
70%
Surprise
75%
Relevance
85%
https://www.securityweek.com/claude-code-oauth-tokens-can-be-stolen-through-stealthy-mcp-hijacking/
3
🔐 security Schneier on Security
69%

Rowhammer Attack Against NVIDIA Chips

A new rowhammer attack gives complete control of NVIDIA CPUs. On Thursday, two research teams, working independently of each other, demonstrated attacks against two cards from Nvidia’s Ampere generat…

https://www.schneier.com/blog/archives/2026/05/rowhammer-attack-against-nvidia-chips.html
4
📦 m365 Petri IT Knowledgebase
66%

Attackers Extract Microsoft Edge Passwords From Memory Using Legitimate Remote Access Tools

An attacker who has administrative-level access can retrieve Microsoft Edge users’ saved passwords from memory, even when those credentials are not actively being used. This is possible because the b…

https://petri.com/microsoft-edge-passwords-memory-theft-rmm-tools/
5
🔐 security SecurityWeek
65%

AI Coding Agents Could Fuel Next Supply Chain Crisis

“TrustFall” attack shows how AI coding agents can be manipulated into launching stealthy supply chain compromises.

https://www.securityweek.com/ai-coding-agents-could-fuel-next-supply-chain-crisis/
6
⚡ tech The Verge
65%

A hacker ran me over with a robot lawn mower

I'm lying in the dirt. It's coming for me. Then, with a lurch, it's climbing up my chest. If Andreas Makris doesn't stop the 200-pound robo…

https://www.theverge.com/tech/925696/yarbo-robot-lawn-mower-hack-remote-control-camera-access-mqtt
7
🤖 ai The Decoder
65%

OpenAI built a networking protocol with AMD, Broadcom, Intel, Microsoft, and NVIDIA to fix AI supercomputer bottlenecks

OpenAI has teamed up with AMD, Broadcom, Intel, Microsoft, and NVIDIA to develop MRC, an open source network protocol that sends data across hundreds of paths simultaneously between GPUs. Instead of …

https://the-decoder.com/openai-built-a-networking-protocol-with-amd-broadcom-intel-microsoft-and-nvidia-to-fix-ai-supercomputer-bottlenecks/
8
🤖 ai AI Alignment Forum
64%

Natural Language Autoencoders Produce Unsupervised Explanations of LLM Activations

Abstract: We introduce Natural Language Autoencoders (NLAs), an unsupervised method for generating natural language explanations of LLM activations. An NLA consists of two LLM modules: an activation v…

https://www.alignmentforum.org/posts/oeYesesaxjzMAktCM/natural-language-autoencoders-produce-unsupervised
9
🤖 ai The Decoder
64%

OpenAI's new voice model brings GPT-5-level reasoning to real-time conversations

OpenAI is shipping three new voice models—GPT-Realtime-2, GPT-Realtime-Translate, and GPT-Realtime-Whisper—that can reason in real time, translate across 70+ languages, and transcribe live speech. GP…

https://the-decoder.com/openais-new-voice-model-brings-gpt-5-level-reasoning-to-real-time-conversations/
10
🔐 security SecurityWeek
63%

Palo Alto Networks to Patch Zero-Day Exploited to Hack Firewalls

CVE-2026-0300 affects the Captive Portal service of PAN-OS software on PA and VM series firewalls.

https://www.securityweek.com/palo-alto-networks-to-patch-zero-day-exploited-to-hack-firewalls/
11
🤖 ai The Decoder
62%

Claude's new "Dreaming" feature is designed to let AI agents learn from their mistakes

Anthropic is adding "Dreaming" to Claude Managed Agents, an asynchronous process that reviews past agent sessions, cleans up duplicate or outdated memory entries, and distills new insights. Along wit…

https://the-decoder.com/claudes-new-dreaming-feature-is-designed-to-let-ai-agents-learn-from-their-mistakes/
12
⚡ tech Stratechery
61%

Microsoft Earnings, Apple Earnings

Microsoft unveils its new agentic business model, and Apple confronts shortages in memory and chips even as the Mac benefits from AI.

https://stratechery.com/2026/microsoft-earnings-apple-earnings/
13
🤖 ai The Decoder
60%

AI models follow their values better when they first learn why those values matter

A study from the Anthropic Fellows Program shows that training a language model on texts explaining its intended values before teaching it specific behaviors leads to significantly better adherence t…

https://the-decoder.com/ai-models-follow-their-values-better-when-they-first-learn-why-those-values-matter/
14
📦 m365 Petri IT Knowledgebase
60%

Microsoft Azure Local Now Supports Thousands of Servers in Sovereign Deployments

Microsoft’s Azure Local can now support deployments of thousands of servers within a single sovereign environment. This allows organizations to run very large, complex workloads locally without redes…

https://petri.com/azure-local-thousands-servers-sovereign-deployments/
15
🔐 security SecurityWeek
59%

Palo Alto Zero-Day Exploited in Campaign Bearing Hallmarks of Chinese State Hacking

The cybersecurity firm has not explicitly accused China of being behind the attack, but the evidence suggests it was.

https://www.securityweek.com/palo-alto-zero-day-exploited-in-campaign-bearing-hallmarks-of-chinese-state-hacking/