This digest covers new exploits in AI and enterprise platforms, including a path traversal flaw in Langflow, a ServiceNow tenant data leak, and critical Ivanti Sentry root bugs. It also highlights Anthropic’s ATT&CK mapping of AI-driven threats and evolving deepfake tactics for bypassing facial recognition.

Mozilla used Anthropic’s Mythos Preview model to scan Firefox 150’s unreleased source code and flagged 271 security vulnerabilities before release. That’s a big jump from the 22 bugs found by Anthropic’s earlier Opus 4.6 model on Firefox 148, cutting out months of manual auditing.

The article discusses a recent supply chain attack involving the popular Axios package, highlighting how an attacker installed malware without altering the original code. It emphasizes the challenges posed by AI in both coding and attacking, as automated systems can easily introduce vulnerabilities faster than traditional security measures can respond.

Vitalik Buterin highlights significant vulnerabilities in decentralized stablecoins, including their reliance on the U.S. dollar, the risks associated with oracle data, and the challenges of staking incentives. He emphasizes that these design flaws could undermine the stability of these assets over time, suggesting that future stablecoins may need to consider broader price indexes instead of being dollar-dependent.