AI Bug Hunters, CISA's GitHub Blunder, and a Bad Week for Linux
Two threads dominated this week's security landscape: AI systems proving they can find vulnerabilities faster and more reliably than most human researchers, and the humans responsible for protecting critical infrastructure continuing to make elementary mistakes.
AI Vulnerability Discovery Crosses a Threshold
Anthropic's Claude Mythos Preview was already restricted from public release on the grounds that it was too capable at finding exploitable code. This week, the picture sharpened considerably. Mozilla reported that 271 vulnerabilities surfaced by Mythos in Firefox had "almost no false positives" — a precision rate that would embarrass most professional pen-test engagements. Cloudflare published results from Project Glasswing, where they pointed Mythos and other security-focused LLMs at live infrastructure code, finding genuine capability alongside significant gaps. Then the UK's AI Security Institute found GPT-5.5 comparable to Mythos on the same benchmarks — and GPT-5.5 is publicly available. The capability is no longer locked behind one restricted model. The predictable side effect: bug-bounty programs are drowning in AI-generated slop, low-confidence machine-generated submissions that consume triage time without finding real bugs.
CISA's Own-Goal: Credentials in a Public GitHub Repo
The Cybersecurity and Infrastructure Security Agency — the body charged with protecting US federal infrastructure — spent roughly six months with a contractor's AWS GovCloud keys and SSH credentials sitting in a public GitHub repository. The accounts had privileged access to internal CISA systems; the commit history fixes the exposure window at November 2025. This is not a sophisticated supply-chain intrusion or a novel attack class — it is the plainest possible operational security failure, at the agency whose core mission is preventing exactly this.
Linux Under Siege: Two Severe Vulnerabilities in Weeks
The Copy.Fail vulnerability — a local privilege escalation chaining the kernel crypto API (AF_ALG sockets) with splice() to achieve arbitrary kernel writes — earned the description "worst Linux vulnerability in years" from multiple researchers. A working PoC was published by Theori on April 29; practical exposure is widest on multi-tenant servers, CI/CD pipelines, and Kubernetes clusters. Cloudflare documented their detection-to-mitigation response across their global fleet. Timing made things worse: Ubuntu's infrastructure went down for more than a day during the disclosure window, hampering patch communication. A second severe Linux vulnerability followed days later. Production patches for both are available and should be treated as urgent.
YellowKey: Default BitLocker Is Not Encryption at Rest
A researcher going by Nightmare-Eclipse published a zero-day that reliably bypasses BitLocker on default Windows 11 deployments. Physical access is required — but for anyone running BitLocker to protect against device theft or forensic imaging, that is precisely the threat model it is supposed to address. Microsoft says it's investigating. The practical takeaway is a familiar one: default encryption configurations routinely trade security for usability in ways users don't realize until it matters.
Canvas Breach Hits Schools Mid-Finals; Supply-Chain Attacks Persist
A data extortion group defaced Canvas's login page and disrupted the platform during finals week, forcing schools and colleges across the US to postpone year-end exams. Attacks on education infrastructure that land during high-stakes periods are not timed by accident: ransom leverage is maximized when the cost of downtime is highest. Separately, Daemon Tools was backdoored for roughly a month in a supply-chain compromise targeting developer machines. Security firms found themselves specifically targeted in a separate campaign hitting Checkmarx and Bitwarden, a pattern of attackers going after the tools that defend the defenders.
AI's ability to find bugs at scale is no longer hypothetical: it is in production at Mozilla, it is shipping in a publicly available model, and it will reshape the economics of both offense and defense. Whether organizations can operationally outpace that shift — given that CISA is still committing GitHub credential dumps in 2026 — is the more open question.
- How Dangerous Is Anthropic’s Mythos AI?
- Mozilla says 271 vulnerabilities found by Mythos have "almost no false positives"
- Project Glasswing: what Mythos showed us
- OpenAI’s GPT-5.5 is as Good as Mythos at Finding Security Vulnerabilities
- Bug bounty businesses bombarded with AI slop
- CISA Admin Leaked AWS GovCloud Keys on Github
- Copy.Fail Linux Vulnerability
- The most severe Linux threat to surface in years catches the world flat-footed
- How Cloudflare responded to the “Copy Fail” Linux vulnerability
- Ubuntu infrastructure has been down for more than a day
- Linux bitten by second severe vulnerability in as many weeks
- Zero-day exploit completely defeats default Windows 11 BitLocker protections
- Zero-Day Exploit Against Windows BitLocker
- Canvas Breach Disrupts Schools & Colleges Nationwide
- Widely used Daemon Tools disk app backdoored in monthlong supply-chain attack
- Why a recent supply-chain attack singled out security firms Checkmarx and Bitwarden
Synthesized by Claude · sanity-checked before publish.