The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...

The AI governance mirage: Why 72% of enterprises don’t have the control and security they think they do

VentureBeat research finds 72% of enterprises are running multiple "primary" AI platforms with no clear owner — creating ...

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

Operant AI builds runtime security for AI agents, defending autonomous systems at the point of execution where static analysis and pre-deployment scanning cannot reach. Agent Protector provides ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.