NewsGitLab AI Gateway CVE-2026-1868 CVSS 9.9 RCEGitLab Security Advisory·high signalHighest-CVSS AI agent platform vulnerability. Template injection in Duo Workflow enables RCE via agent flow definitions.SourceSource pageGitLab Security Advisory↳ Follow the threadStack layer / Threat patternOpenClaw ships broad July 6 platform update: GPT-5.6 support, external harness attach, hardened provider I/OReleasebotStack layer / Threat patternAWS open-sources Loom, an enterprise agent platform built on Strands Agents + Bedrock AgentCore RuntimeAWS Open Source BlogPolicy dependency / Stack layerIAPS warns on Kimi Claw: security and governance risks of Chinese-hosted 'always-on' AI agentsIAPSThreat pattern / ContrastMid-Session Tool Injection weaponized against WebMCP agents via threshold poisoning and fake diagnostic eventsAdversa AIThreat patternLangflow becomes the first AI agent platform on CISA's KEV after 20-hour exploitationSysdigPolicy dependency / Stack layerHalluSquatting weaponizes LLM hallucinations to push botnet malware into agentsThe Hacker NewsStack layer / ContrastOpenAI launches ChatGPT Work, an agentic workspace on GPT-5.6, with Sol/Luna/Terra model tiersInfoWorldStack layerAgentPrizm Launches AgentMemory + AgentSkills, Pairing a REST API With MCP for Persistent Agent MemoryLatent Space