Security Vulnerabilities Exposed in AI Assistants and Proximity Protocols
AI 안전 | Sun Jul 05 2026 00:00:00 GMT+0000 (Coordinated Universal Time) | 3 sources
Issues surfaced around YouTube creator private video leaks, suspected Claude Code session leakage, and vulnerabilities discovered in AirDrop and Quick Share.
Analysis
[YouTube] disclosed issue related to leaking creator private videos [1]
- Raised the issue of leaking YouTube creators' private videos as indicated by the title
- Covered in a blog post on javoriuski.com
[Anthropic Claude Code] raised suspicion of Enterprise ZDR workspace session/cache leakage [2]
- Unrelated Minecraft-related conversation appeared in an authenticated Enterprise ZDR environment
- Possible failure of cache isolation between workspaces or with consumer accounts
- Concerns over leakage of sensitive enterprise chat sessions
- Officially reported as a GitHub issue
[AirDrop and Quick Share Research] discovered 6 vulnerabilities in proximity file transfer protocols [3]
- First cross-platform reverse engineering targeting proprietary protocols used by over 5 billion devices
- Reconstruction of the AirDrop 7-layer state machine and DVZip adaptive compression
- Developed the AIRFUZZ protocol-aware fuzzer
- 3 pre-authentication vulnerabilities in macOS/iOS AirDrop (V1-V3)
- 2 protocol flaws in Samsung Quick Share and a D2D encryption bypass (V4-V5)
- Google Quick Share for Windows heap use-after-free (V6
- bounty awarded)
- Apple
- Samsung
- and Google all acknowledged the reports