AI & VibeSec

May 14, 2026

From Prompt to Runtime: Four Ways to Find NGINX Rift (CVE-2026-42945) with OX Security

• 
• 

Moshe Siman Tov Bustan, Sagiv Peer

May 12, 2026

CVE-2025-69443: Archon OS Vulnerable To Unauthenticated Web-To-Client Attack

• 
• 

Moshe Siman Tov Bustan, Nir Zadok

May 12, 2026

MarkItDown MCP Exposes Developer Machines to File Theft 

• 
• 

Moshe Siman Tov Bustan, Nir Zadok

May 12, 2026

CVE-2025-65719: Critical RCE in Kubectl MCP Server

• 
• 

Moshe Siman Tov Bustan, Nir Zadok

May 7, 2026

AI Application Security in 2026: Real Risks and Controls

• 

OX Security

April 27, 2026

Flowise (CVE-2026-40933) & Upsonic (CVE-2026-30625): What to do when best practice isn’t enough? 

• 

Moshe Siman Tov Bustan

April 27, 2026

Secure SDLC in the Age of AI: From Static Checks to Active Risk Control

• 

OX Security

April 24, 2026

Securing the AI Supply Chain: How OX VibeSec Defends Against Anthropic MCP Vulnerability

• 
• 
• 

Mustafa Naamnih, Bar Azouri, Matan Feller

April 23, 2026

AI Security Tools for CI/CD Pipelines: What Actually Holds Up

• 

OX Security

April 15, 2026

The Mother of All AI Supply Chains: Critical, Systemic Vulnerability at the Core of Anthropic’s MCP

• 
• 
• 
• 

Moshe Siman Tov Bustan, Mustafa Naamnih, Nir Zadok, Roni Bar

April 15, 2026

The Mother of All AI Supply Chains: Technical Deep Dive

• 
• 
• 

Moshe Siman Tov Bustan, Mustafa Naamnih, Nir Zadok

March 12, 2026

OX Agentic Pentester – Closing the Loop on AppSec Risk

• 

Chris Lindsey