Find notable cyber news and cases, enriched with sources, timelines, and signals.

OpenNDS zero-day vulnerabilities (multiple vulnerabilities)

Vulnerability
First reported
Last updated
Happening score
H score 0
1 unique sources, 1 articles

Summary

Hide ▲

Researchers uncovered four new zero-day vulnerabilities in OpenNDS, creating unknown-risk exposure in a widely deployed software component. The flaws were found using single prompts, the RAPTOR agentic framework, and custom extensions, showing that automated testing can surface concrete bugs with minimal prompting. One vulnerability was located in code that had already been manually reviewed, suggesting earlier analysis missed exploitable weakness. The finding raises concern for systems that rely on OpenNDS before patches or mitigations are available.

Related Happenings

ExploitBench benchmark shows frontier AI models can stage Chrome exploit chains against vulnerable V8 builds

Technical Analysis
H score16 First: 04.06.2026 16:00 Last: 04.06.2026 16:00 Sources 1

About this happening: Bugcrowd’s **ExploitBench** now shows frontier AI models can progress through staged **Google Chrome** exploit chains, raising the risk of faster **AI-assisted exploit development...

Forescout Verde Labs benchmarks AI models for vulnerability research and autonomous exploit generation

Technical Analysis
H score24 First: 17.04.2026 16:20 Last: 17.04.2026 16:20 Sources 1

How related: Forescout’s Verde Labs found that just a year ago 55% of AI models failed basic vulnerability research and 93% failed exploit development tasks.

About this happening: **Forescout’s Verde Labs** found that **50 AI models** now perform **vulnerability research** and **exploit development** much more effectively, making unknown bugs easier for ine...

NIST/NVD risk-based CVE enrichment change

Public Sector Action
H score35 First: 16.04.2026 15:43 Last: 16.04.2026 15:43 Sources 1

About this happening: **NIST** said the **US National Vulnerability Database (NVD)** will switch to a **risk-based CVE enrichment** model to cope with backlog growth. The change will **drop enrichment...

Anthropic launches Project Glasswing with Claude Mythos for vulnerability discovery

Security Tool/Service
H score58 First: 08.04.2026 12:16 Last: 08.04.2026 12:16 Sources 1

About this happening: **Anthropic’s Project Glasswing** is now showing measurable results: since launching last month, the **Claude Mythos Preview**-based initiative has uncovered **more than 10,000**...

Latest development: 03.06.2026 14:00

President Donald Trump signed a June 2 executive order that sets up a voluntary framework for developers of covered frontier models to give the US government access for cybersecurity review for up to 30 days before release, while expressly rejecting any mandatory licensing or preclearance requirement. The order directs NSA, CISA, and NIST to build a classified benchmark for determining which models cross the covered threshold and creates an AI cybersecurity clearinghouse led by the Treasury Department. The framework closely echoes Anthropic's Project Glasswing, which gives vetted partners early access to Claude Mythos Preview to scan critical software for vulnerabilities.

Anthropic Claude Code Security research preview adds vulnerability scanning and patch suggestions

Security Tool/Service
H score11 First: 27.02.2026 16:00 Last: 27.02.2026 16:00 Sources 1

About this happening: Anthropic's **Claude Code Security** entered **research preview**, adding vulnerability scanning and patch suggestions inside **Claude Code** for developers reviewing code before...

Timeline

  1. 17.04.2026 16:20 2 articles · 2mo ago

    Forescout reports four OpenNDS zero-days

    Initial Disclosure

    Forescout’s Verde Labs reported that testing with single prompts, the RAPTOR agentic framework, and custom extensions uncovered four new zero-day vulnerabilities in OpenNDS, and one flaw was located in code that had already been manually reviewed.

    Show sources