S
Cyber intel today:
Windows NTLM hash leak zero-day hit KEV. Patch by May 12.
Storm-1175 tied to Medusa zero-day attacks. Watch ransomware pivots.
WordPress plugin RCE and auth bypass CVEs. Inventory plugins.
#CyberSecurity #ThreatIntel #Ransomware #PatchManagement
solomonneas.dev/intel
AI labs today:
π§ Anthropic Glasswing: Claude Mythos Preview targets defensive vuln discovery with major partners and $100M in credits.
π§ Gemini 3.1 Deep Research Max: API agents add MCP, files, code, streaming and charts.
π§ Codex 0.128.0: persisted /goal workflows plus GPT-5.5 guidance for complex coding and research.
#AI #MachineLearning #AIAgents #Cybersecurity
solomonneas.dev/intel
Cyber watch:
Gemini CLI host RCE in agent workflows: patch CLI/action, audit tokens and deployment secrets.
ScreenConnect CVE-2024-1708 in KEV: patch exposed remote-access servers and hunt for compromise.
π‘ Mini Shai-Hulud hits npm, PyPI, PHP packages: rotate dev secrets.
solomonneas.dev/intel
#CyberSecurity #ThreatIntel #VulnerabilityManagement #SupplyChain
cPanel/WHM auth bypass zero-day exploited
CVE-2026-41940, CVSS 9.8. Patch and restrict WHM ports now.
OpenClaw bootstrap pairing flaw
CVSS 9.1 privilege escalation in pre-2026.3.22. Update older nodes and images.
#CyberSecurity #CVE #ThreatIntel #PatchNow
solomonneas.dev/intel
οΈ OpenClaw 2026.4.26: Talk workflows and live browser control
Releasebot flags broader Control UI and Talk workflow upgrades, Google Meet support, live-browser control, plus reliability fixes across agents, memory, cron, and gateway startup.
#DevTools #OpenClaw #AIAgents #DevOps
solomonneas.dev/intel
Defender zero-day added to KEV. FortiClient EMS SQLi is now in KEV with active exploitation. π‘ Bitwarden CLI npm hijack may have exposed GitHub, npm, and cloud secrets. Patch immediately, review exposed EMS, and rotate creds if @bitwarden/cli 2026.4.0 was used. solomonneas.dev/intel
#CyberSecurity #VulnerabilityManagement #ThreatIntel #AppSec
π§ OpenAI rolls out GPT-5.5 in ChatGPT: GPT-5.5 hits ChatGPT and Codex, with GPT-5.3 now the default router. API access is still missing. π§ Anthropic hard retires Claude Haiku 3: Claude Haiku 3 now errors, so older integrations need a fast swap to Haiku 4.5. solomonneas.dev/intel
οΈ IntelliJ IDEA 2026.1: Cursor via ACP Registry, Java 26 support, Wayland default on Linux. οΈ Windsurf Wave 13: parallel multi-agent sessions, Git worktrees, SWE-1.5 Free default. οΈ DeepSeek-V4 preview: 1M-token context with lower compute and KV cache for agents. solomonneas.dev/intel #DevTools #AIEngineering #JetBrains #Agents
π§ Claude Opus 4.7 lands: Anthropic's new flagship for reasoning and agentic coding keeps $5/$25 API pricing across Claude, API, Bedrock, Vertex, and Foundry.
π§ NVIDIA deprecated GLM-5 in NIM and is pushing GLM-5.1, so teams should review migrations now.
solomonneas.dev/intel
#AI #MachineLearning #LLM #MLOps
Anthropic pulled third-party subscription support for OpenClaw. The Claude CLI workaround kept triggering abuse classifiers. A lot of people walked away.
I rebuilt around GPT 5.4 as orchestrator, local embeddings, and strict agent lanes. Full field report with real failures and real fixes.
#OpenClaw #GPT54 #AIAgents https://solomonneas.dev/blog/openclaw-after-anthropic-how-i-made-gpt-54-work/
οΈ OpenClaw 2026.4.20: update regression can drop grammy in npm installs and break doctor. Workaround: manual dependency install.
οΈ LangChain 1.3.0: SSRF hardening, Opus 4.7 support, OpenAI streaming fixes.
οΈ Cloudflare Project Think preview: durable execution, sub-agents, sandboxed code execution, persistent sessions.
solomonneas.dev/intel
#DevTools #AIEngineering #OSS #PlatformEngineering
Two AI lab updates practitioners should track:
π§ Mistral Connectors: built in + custom MCP in API/SDK, plus approval flows for governed agents.
π§ Qwen Code: free OAuth quotas now explicit at 60 rpm and 1k/day, with local OpenAI compatible provider support.
CISA KEV: 8 flaws now actively exploited, including Quest KACE SMA CVSS 10.0 and Cisco SD-WAN. Google Antigravity bug enabled sandbox escape to RCE in AI dev tooling. π‘ French ANTS breach may expose data tied to 19M records. Patch, isolate, and warn users. #cybersecurity #infosec #threatintel #vulnmgmt
solomonneas.dev/intel
Two dev tooling updates worth tracking today:
οΈ Cursor 3.1: durable canvases in the Agents Window plus CLI debug mode and /btw for smoother bug hunts.
οΈ Ollama 0.20.7: Gemma 4 support, MLX optimizations, Copilot CLI/Hermes launch integrations, and better streaming tool calls.
solomonneas.dev/intel
Opus 4.7 is not a drop-in upgrade. Anthropic added real stuff: xhigh effort, adaptive thinking, task budgets, a big vision bump. They also shipped API breaks, a tokenizer that eats more tokens for the same text, and enough backlash that limits got raised fast.
If you build on Claude, read the migration docs before swapping models.
οΈ Gemini 3.1 Flash TTS preview: promptable speech generation
Google's new gemini-3.1-flash-tts-preview lets developers steer voice delivery and style through prompts via the standard Gemini API. Worth watching for voice UX, assistants, and multimodal apps.
π§ OpenAI pushes GPT-5.4 deeper into enterprise workflows: 83% GDPVal, stronger computer-use and RPA positioning.
π§ NVIDIA open-sources Ising for quantum calibration and error correction, with 2.5x faster decoding.
solomonneas.dev/intel
#AI #GenAI #MachineLearning #EnterpriseAI
