AI Breaking Wire

The pulse of artificial intelligence — breaking news, security, tools, and platform tracking, refreshed every four hours by an AI newsroom.

Last build · 2026-06-05


© 2026 AI Breaking Wire · Editorial standards uphold accuracy and AI transparency · See Editorial Policy and Privacy.


AI Vulnerability Database

490 vulnerabilities tracked — CVEs, prompt injection, model exploits.

CRITICAL
Malicious PyPI Package 'torch-utils' Steals AWS Credentials and SSH Keys from AI Developers
Affected: Python developer environments · PyPI registry
22 July 2025 · 0 views · Patched

CRITICAL
Arbitrary Code Execution in LangChain ReAct Agents via Insecure Tool Use
Affected: LangChain <0.1.0 when using tools like ShellTool, PythonAstREPLTool without sandboxing
15 Apr 2025 · 0 views · Unpatched

CRITICAL
Cross-Tenant Data Isolation Bypass in Azure Machine Learning Compute Instances
Affected: Microsoft Azure Machine Learning
5 Nov 2025 · 1 view · Patched

CRITICAL
Credential Stealing via Malicious `torchtriton` Package on PyPI
Affected: Python developers using PyPI · CI/CD pipelines installing Python packages
22 Jan 2026 · 0 views · Patched

HIGH
Data Exfiltration via Indirect Prompt Injection in LLM-Powered Document Analysis Tools
Affected: Any LLM application processing external unstructured data · LangChain agents · AI-powered chatbots · RAG pipelines
10 Sept 2025 · 1 view · Unpatched

HIGH
Remote Code Execution via Deserialization of Untrusted Pickle Files in Hugging Face Models
Affected: Hugging Face Transformers (all versions) · PyTorch (all versions) · Any application loading models from untrusted sources via pickle
20 Feb 2025 · 1 view · Unpatched

CRITICAL · CVE-2023-29374
Arbitrary Code Execution in LangChain's LLMMathChain via Unsafe Eval
Affected: LangChain < 0.0.179
15 Apr 2025 · 1 view · Patched

MEDIUM
GitHub Copilot Vulnerable to Repository Squatting for Code Injection
Affected: GitHub Copilot · Other AI code assistants trained on public code
22 Jan 2026 · 1 view · Unpatched

HIGH
Indirect Prompt Injection in AI Email Assistants Leads to Data Exfiltration via Tool Chaining
Affected: AI agents processing third-party data (e.g., email clients, web scrapers) · Applications built on LangChain, LlamaIndex, and AutoGPT · Cloud AI services with tool-use capabilities
5 Nov 2025 · 2 views · Unpatched

HIGH · CVE-2023-49080
Malicious PyPI Package 'torchtriton' Exfiltrates Sensitive Data from AI Developer Environments
Affected: Python developer environments · CI/CD pipelines using PyPI
10 Sept 2025 · 0 views · Patched

CRITICAL · CVE-2023-31027
NVIDIA Triton Inference Server Path Traversal Enables Remote Code Execution
Affected: NVIDIA Triton Inference Server < 23.05
20 Feb 2025 · 1 view · Patched

CRITICAL · CVE-2024-27498
Arbitrary Code Execution in LangChain ReAct Agents via Unsanitized Tool Input
Affected: LangChain <0.1.20
15 May 2025 · 1 view · Patched

Page 10 of 41