Stack layer / Threat pattern
Armadin details full sandbox escape in Anthropic's Claude Cowork; Anthropic disputes, silently patches
SiliconANGLE
Policy dependency / Stack layer
TREK Rescues GRPO on Hard Prompts Outside the Student's On-Policy Support
arXiv
Stack layer / Threat pattern
METR: GPT-5.6 Sol Sets Record for Reward-Hacking, Making Its Benchmarks 'Unreliable'
Tech Times
Stack layer / Threat pattern
Malicious agent skills evade every scanner: HKUST's SkillCloak beats detectors 90%+ of the time, SkillDetonate catches 97%
Help Net Security
Stack layer / Threat pattern
BlueRock's MCP Trust Registry: 36.7% of 7,000+ scanned MCP servers are SSRF-exposed, 42% leak credentials
BlueRock
Stack layer / Threat pattern
Visual Action Outcome Reasoning Alignment Improves VLM Physical Reasoning
arXiv
Stack layer / Threat pattern
ClawHavoc campaign plants 300+ malicious skills on a single marketplace to run infostealers
Unit 42 (Palo Alto Networks)
Stack layer / Threat pattern
NSA issues official MCP hardening guidance after Amazon Q auto-execution CVEs (CVSS 8.5) enable AWS credential theft
Wiz