Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Experts flag potentially critical security issues at heart of Anthropic MCP

Anthropic sees no issues - and says the tools are working as intended.

Clash of Prompts: The World’s First AI Prompt Battle Royale

Symbiotic Security Announces "Clash of Prompts", The World's First Live AI Prompt Battle Royale at AWS Builder Loft, ...

Chrome now lets you turn AI prompts into repeatable ‘Skills’

Google is launching a new Chrome workflow feature that allows you to reuse your favorite Gemini commands across multiple web ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...
CSO Online

China-linked cloud credential heist runs on typos and SMTP

The Linux-based ELF backdoor is targeting cloud workloads across providers, using SMTP-based C2 and typosquatted Alibaba ...

Introducing enhancements in Kiro CLI 2.0

The AWS Kiro team today is announcing v2.0, which delivers a headless mode, Windows support and an updated, refreshed user ...