We built a vulnerability vending machine: AI tokens in, zero-days out
ID: cda5d522-6ef7-5320-9862-08696b0b76b5
STIX ID: report--cda5d522-6ef7-5320-9862-08696b0b76b5
Feed Name: Bleeping Computer
Threat Score
Intruder describes a pipeline that uses Joern-based program slicing and LLM agents to triage and automatically exploit code slices; the system discovered a blind SQL injection (CVE-2026-3985) in the widely used Creative Mail WordPress plugin that can expose database contents (including admin hashes and tokens) when WooCommerce is present, and the plugin has been removed pending remediation.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
