Hermes
Friday 22 May 2026  ·  72 articles scored  ·  1 top scorer  ·  last 24h
1
🔐 security Microsoft Security Blog
71%

Mini Shai Hulud: Compromised @antv npm packages enable CI/CD credential theft

Compromised @antv npm packages deploy the Mini Shai-Hulud payload to steal CI/CD secrets from Linux-based automation environments. The malware executes during npm install and targets credentials acro…

Novelty
70%
Depth
70%
Practical
75%
Surprise
60%
Relevance
80%
https://www.microsoft.com/en-us/security/blog/2026/05/20/mini-shai-hulud-compromised-antv-npm-packages-enable-ci-cd-credential-theft/
2
🔐 security SecurityWeek
69%

1Password Teams With OpenAI to Stop AI Coding Agents From Leaking Credentials

1Password says AI coding agents should never hold persistent secrets, introducing a just-in-time credential model for OpenAI Codex designed to keep credentials out of prompts, code repositories, and …

https://www.securityweek.com/1password-teams-with-openai-to-stop-ai-coding-agents-from-leaking-credentials/
3
🔐 security Microsoft Security Blog
69%

Introducing RAMPART and Clarity: Open source tools to bring safety into Agent development workflow

The AI systems shipping inside enterprises today are fundamentally different from the ones we were building even two years ago, because they have moved well past answering questions and into accessin…

https://www.microsoft.com/en-us/security/blog/2026/05/20/introducing-rampart-and-clarity-open-source-tools-to-bring-safety-into-agent-development-workflow/
4
🤖 ai The Decoder
67%

The first AI proof worthy of math's top journal landed and it won't be the last

A reasoning model from OpenAI has disproved a conjecture by mathematician Paul Erdős on unit-distance geometry that stood open since 1946 - using tools from algebraic number theory that experts never…

https://the-decoder.com/openai-shifts-the-boundary-of-automated-reasoning-with-a-milestone-in-ai-mathematics-that-experts-are-now-unpacking/
5
🔐 security SecurityWeek
66%

GitHub Confirms Hack Impacting 3,800 Internal Repositories

The TeamPCP hacking group accessed the repositories after a GitHub employee installed a poisoned VS Code extension. The post GitHub Confirms Hack Impacting 3,800 Internal Repositories appeared first …

https://www.securityweek.com/github-confirms-hack-impacting-3800-internal-repositories/
6
📦 m365 Petri IT Knowledgebase
66%

How New Windows Zero-Day Bugs Bypass BitLocker and Enable SYSTEM-Level Access

A cybersecurity researcher has disclosed two new zero-day vulnerabilities affecting Windows and also released a proof-of-concept exploit for another flaw that Microsoft patched back in 2020. The disc…

https://petri.com/windows-zero-days-bitlocker-privilege-controls/
7
🤖 ai The Decoder
65%

US Cyber Command races to deploy AI on top-secret networks

US Cyber Command has launched a task force to run AI models from OpenAI, Google, and others on the most classified Pentagon and NSA networks. The trigger: AI systems like Anthropic's Claude Mythos ca…

https://the-decoder.com/us-cyber-command-races-to-deploy-ai-on-top-secret-networks/
8
🤖 ai The Decoder
65%

Google's Gemini 3.5 Flash follows Anthropic and OpenAI in making newer AI models significantly pricier

Google's Gemini 3.5 Flash is a big step up from its predecessor, but in benchmark testing, it costs 5.5 times as much to run. On agent tasks, total costs even exceed the pricier Gemini 3.1 Pro by 75 …

https://the-decoder.com/googles-gemini-3-5-flash-follows-anthropic-and-openai-in-making-newer-ai-models-significantly-pricier/
9
🔐 security Schneier on Security
63%

macOS Kernel Memory Corruption Exploit

A group used Anthropic’s Mythos AI model to help find a kernel memory corruption vulnerability and exploit on Apple’s M5. News article.

https://www.schneier.com/blog/archives/2026/05/macos-kernel-memory-corruption-exploit.html
10
🔐 security Schneier on Security
62%

On AI Security

Good report: Executive Summary: Let’s say you wanted to make sure that your AI is secure. Can you just maximize the security and privacy benchmark and call it a day? Nope, because benchmarks don’t ac…

https://www.schneier.com/blog/archives/2026/05/on-ai-security.html
11
📦 m365 Petri IT Knowledgebase
62%

Microsoft Seizes Websites And Servers Used To Issue Fake Code-Signing Certificates

Microsoft has disrupted a cybercrime network by seizing its websites and shutting down hundreds of virtual machines used to issue fake code‑signing certificates. These certificates helped ransomware …

https://petri.com/microsoft-fake-code-signing-network-ransomware/
12
🔐 security SecurityWeek
61%

Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass

The exploitation is mitigated by preventing the FsTx Auto Recovery Utility from starting when the WinRE image launches. The post Microsoft Rolls Out Mitigations for ‘YellowKey’ BitLocker Bypass appea…

https://www.securityweek.com/microsoft-rolls-out-mitigations-for-yellowkey-bitlocker-bypass/
13
🔐 security SecurityWeek
60%

Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days

The bugs could be exploited to elevate privileges to System or create a denial-of-service (DoS) condition. The post Microsoft Patches Exploited UnDefend and RedSun Defender Zero-Days appeared first o…

https://www.securityweek.com/microsoft-patches-exploited-undefend-and-redsun-defender-zero-days/
14
🤖 ai The Decoder
60%

Google tests the app market version of the SaaSpocalypse

Google AI Studio can now generate native Android apps from a prompt - built in Kotlin with Jetpack Compose and testable in a browser emulator. For simple utility apps like trackers or checklists, the…

https://the-decoder.com/google-tests-the-app-version-of-the-saaspocalypse/
15
🤖 ai The Decoder
59%

Google pairs its Genie world model with Street View to create explorable AI worlds based on real places

Google Deepmind connects its Genie 3 world model to Street View imagery: users drop a pin on a map and get a walkable, AI-generated world based on a real place. Google's Street View data, collected o…

https://the-decoder.com/google-pairs-its-genie-world-model-with-street-view-to-create-explorable-ai-worlds-based-on-real-places/