InfoSecBulletin Cybersecurity for mankind
Terra Security shared results from recent tests that showed flaws in AI apps, agents, and AI-made code workflaws. The company has launched a new module for its constant testing platform. This lets security experts keep simulating attacks on AI systems to find flaws.
Terra has tested different applications made with AI coding tools like Claude Code, fast app-making platforms like Loveable and Base44, and business software that uses AI chat features over the last few months. The company found common security issues that are different from usual software flaws, like CVE-2026-25724, found in Anthropic’s Claude Code by Terra Security researchers.
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
Critical Cisco ISE Vulnerability Enables Remote Code Execution
F5 Patches NGINX Flaw for Code Execution and DoS Attacks
FortiBleed: 70,000 Fortinet Firewalls Compromised Globally
After bringing the finding to Anthropic, they quickly acknowledged the risk and resolved the symbolic link issue in Claude Code versions 2.1.7 and later.
The study found that in all applications with AI chats or Agents, there were AI security problems.
Real-World AI Vulnerabilities Observed in Large Enterprises’ Production Environments:
Prompt injection attacks against AI copilots
Indirect prompt injection through embedded or third-party content
Sensitive system prompt leakage
Cross-tenant data exposure in AI copilots
Privilege escalation via AI tool execution chains
Reverse shell execution through AI-enabled command workflows
Broken authorization logic in AI-generated business processes
Exposure of internal APIs introduced during AI-assisted feature expansion
Cross-site scripting via LLM Prompt Injection with authentication bypass
“Some of these issues did not stem from malicious intent or overt misconfiguration, but from complex interactions between AI agents, application logic, and operational tooling,” said Shahar Peled, CEO and Co-founder of Terra Security. “With AI systems committing code with vulnerabilities, modifying configurations, and interacting with pipelines, organizations need visibility into real-world exploitability in production environments, not just theoretical risk. We are proud to be able to provide the means for pentesters to monitor these actions continuously using the Terra platform.”
As AI agents get more access to databases, APIs, and tools, small mistakes can quickly spread across systems. Anthropic’s new security updates to Claude Code show that the industry is paying more attention to finding problems in the code.
“Traditional scanners look for known patterns,” said Gal Malachi, CTO and Co-Founder of Terra Security. “What we’re seeing with AI-powered systems is contextual vulnerabilities in cases where the model behaves as designed, but the surrounding application or permission model allows unintended outcomes. A prompt injection may not resemble a conventional code flaw, yet it can still expose sensitive data or trigger unsafe actions if safeguards are incomplete.”
How to Use Agentic Tools Safely: 5 Practical Dos and Don’ts
Agentic tools are very powerful, but using them safely needs careful handling. The guidelines below show simple steps for using them responsibly in today’s work.
Do not run unknown tools blindly
Do not run agents on your host environment
Do not rely on default permissions
Do not trust repository context
Do not grant full autonomy immediately
Microsoft patches SharePoint RCE flaw CVE-2026-45659 across servers
