New sandbox escape flaw exposes n8n instances to RCE attacks

Two vulnerabilities in the n8n workflow automation platform could allow attackers to fully compromise affected instances, access sensitive data, and execute arbitrary code on the underlying host.

OpenAI spills technical details about how its AI coding agent works

On Friday, OpenAI engineer Michael Bolin published a detailed technical breakdown of how the company’s Codex CLI coding agent ...

Open-source AI models vulnerable to criminal misuse, researchers warn

By AJ Vicens Jan 29 (Reuters) - Hackers and other criminals can easily commandeer computers operating open-source large ...
STAT

DeepMind releases AlphaGenome source code, aiming to improve its AI predictions of gene regulation

Google DeepMind announced it was making AlphaGenome’s source code and weights available to the science community for ...
The Hacker News

Critical vm2 Node.js Flaw Allows Sandbox Escape and Arbitrary Code Execution

A critical vm2 Node.js vulnerability (CVE-2026-22709, CVSS 9.8) allows sandbox escape via Promise handler bypass.
MIT Technology Review

Rules fail at the prompt, succeed at the boundary

Put rules at the capability boundary: Use policy engines, identity systems, and tool permissions to determine what the agent ...
Decrypt

OpenAI Rolls Out Free Science Platform Prism as Experts Warn of Privacy Concerns

Prism aims to move ChatGPT into scientific writing as OpenAI signals plans to share in future profits. Some are warning ...
The Register on MSN

Claude Code's prying AIs read off-limits secret files

Developers remain unsure how to prevent access to sensitive data Don't you hate it when machines can't follow simple ...