
XChat Claims Encryption but Keys Sit on X's Servers
XChat launched April 24 promising end-to-end encryption, but security researchers found private keys stored on X's own servers, no certificate pinning, and a four-digit PIN as the only defense.


A hands-on comparison of the top AI compliance automation platforms for SOC 2, ISO 27001, and GDPR in 2026 - with real pricing, feature breakdowns, and honest assessments.

Dynatrace, Datadog, Elastic, New Relic, and Anodot compared on anomaly detection accuracy, pricing, and real-world trade-offs for SRE and DevOps teams in 2026.

A hands-on comparison of the top AI-powered security scanning platforms in 2026: Snyk, Semgrep, Aikido, Checkmarx One, GitHub Advanced Security, and ZeroPath - ranked by false positive rates, pricing, and real-world detection accuracy.

A data-driven comparison of the top AI-powered log analysis platforms in 2026, covering pricing, query performance, and which tool fits your team's scale.

A hands-on comparison of six leading AI identity verification platforms - Veriff, Persona, Jumio, Entrust IDV, Stripe Identity, and Socure - covering pricing, accuracy, deepfake detection, and which fits your use case.

A hands-on comparison of the top AI-powered cybersecurity platforms in 2026: Prophet Security, Darktrace, Vectra AI, CrowdStrike Charlotte AI, and SentinelOne Purple AI - ranked by detection accuracy, autonomous response depth, and SOC efficiency gains.

Mozilla's blog says Claude Mythos Preview uncovered 271 vulnerabilities patched in Firefox 150. The security advisory lists 36 CVEs, and only three of them credit Anthropic. The gap is the whole story.

A private Discord group has been quietly using Anthropic's most restricted AI model since the hour it shipped. They got in with a stolen contractor badge and a URL guessed from the Mercor breach.

OpenAI's GPT-5.4-Cyber is a cyber-permissive fine-tune of GPT-5.4 Thinking with binary reverse engineering, 88.23% on professional CTFs, and access gated through the Trusted Access for Cyber program.

We audited ten AI agent products sold under the Claw name. The ledger shows 11 live CVEs, 130 published advisories, 1,184 malicious marketplace skills, and one leaked SSL private key - concentrated almost entirely in a single vendor.

A fresh warning from developer Morgan Linton says free Lovable accounts can still read other users' AI chat histories, source code, and database credentials on projects created before November 2025. The pattern is the same one that earned the platform CVE-2025-48757 last year.