Technology

Millions of AI agents imperiled by critical vulnerability in open source package

Source

Ars Technica

Published

May 26, 2026

TL;DR

AI Generated

A critical vulnerability in the open source framework Starlette is imperiling millions of AI agents and tools worldwide, potentially allowing hackers to breach servers and access sensitive data and credentials. This vulnerability, known as BadHost (CVE-2026-48710), affects systems using Starlette versions prior to 1.0.1 and is easy to exploit on servers not behind a properly configured firewall. The flaw impacts various widely used packages in the Python AI ecosystem, including FastAPI, vLLM, and LiteLLM. Security researchers have highlighted the seriousness of this vulnerability, with a severity rating of 7 out of 10 and warnings that it poses a significant threat to users of apps relying on Starlette.

Read Full Article

TSMC Expands Use of NVIDIA AI Technologies Across Chip Production Operations

TSMC is expanding its use of NVIDIA AI and accelerated computing technologies in chip design and manufacturing operations, including lithography, process simulation, defect inspection, production scheduling, and factory optimization. By leveraging NVIDIA's CUDA-X libraries and GPU-accelerated computing platforms, TSMC has seen improvements in cycle time and cost effectiveness, particularly in computational lithography. The collaboration aims to address the complexities of modern semiconductor manufacturing and advance towards the angstrom era. AI integration in areas like transistor simulation, factory operations optimization, quality control, and digital twins for manufacturing reflects a broader industry trend towards AI-driven manufacturing for improved yield, energy efficiency, and design cycles. This partnership signifies a significant step towards autonomous, data-driven chip manufacturing and a competitive edge for leading foundries.

SemiWiki•

6 hours ago

Microsoft unveils Project Solara AI, a chip-to-cloud platform built to power a new generation of 'agent-first' enterprise devices — hardware designed to run AI agents instead of traditional apps

Microsoft has introduced Project Solara, a chip-to-cloud platform for "agent-first" enterprise devices that run AI agents instead of traditional apps. The platform includes the Microsoft Device Ecosystem Platform (MDEP), built on the Android Open Source Project (AOSP), paired with Azure-hosted agent services. Microsoft has partnered with Qualcomm and MediaTek for hardware, releasing reference designs for OEMs. Solara features just-in-time UI for adaptive interfaces and aims to provide consistency across devices. The platform targets enterprise sectors like retail, healthcare, and field services, with pilot programs already in place with major companies.

Tom's Hardware•

8 hours ago

MIT Technology Review

The Download: Trump’s new AI order, and smart glasses for warfare

President Trump signed a new AI order focusing on innovation and security, introducing a voluntary review system for tech companies to share models with the government before release. Meanwhile, defense-tech company Anduril is developing smart glasses for warfare with Meta, envisioning drone strike orders via eye-tracking and voice commands. SpaceX plans to raise $75 billion in an IPO, Meta scales back worker tracking for AI training, and Microsoft launches a new AI assistant. Additionally, concerns arise about AI's impact on mathematics, surveillance, and cybersecurity.

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

President Trump has signed an executive order requiring AI companies to provide the government with early access to their most advanced models for up to 30 days before public release. This voluntary framework includes a classified benchmark to determine which models qualify for review. The order tasks agencies like the NSA and CISA with creating the benchmark and selecting trusted partners for review. The directive also establishes an "AI cybersecurity clearinghouse" to coordinate vulnerability scanning and patch distribution. Critics raise concerns about potential government interference in deciding who gains early access to powerful AI models.

Tom's Hardware•

9 hours ago

TSMC Expands Use of NVIDIA AI Technologies Across Chip Production Operations

SemiWiki•

6 hours ago

Microsoft unveils Project Solara AI, a chip-to-cloud platform built to power a new generation of 'agent-first' enterprise devices — hardware designed to run AI agents instead of traditional apps

Tom's Hardware•

8 hours ago

MIT Technology Review

The Download: Trump’s new AI order, and smart glasses for warfare

MIT Technology Review•

8 hours ago

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

Tom's Hardware•

9 hours ago

Millions of AI agents imperiled by critical vulnerability in open source package

TL;DR

Similar Articles

TSMC Expands Use of NVIDIA AI Technologies Across Chip Production Operations

Microsoft unveils Project Solara AI, a chip-to-cloud platform built to power a new generation of 'agent-first' enterprise devices — hardware designed to run AI agents instead of traditional apps

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify

We use cookies

Millions of AI agents imperiled by critical vulnerability in open source package

TL;DR

Similar Articles

TSMC Expands Use of NVIDIA AI Technologies Across Chip Production Operations

Microsoft unveils Project Solara AI, a chip-to-cloud platform built to power a new generation of 'agent-first' enterprise devices — hardware designed to run AI agents instead of traditional apps

The Download: Trump’s new AI order, and smart glasses for warfare

Trump signs AI executive order seeking 30-day government access to frontier models before release — voluntary framework will include classified benchmark to determine which models qualify