Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

OpenAI drastically updates Codex desktop app to use all other apps on your computer, generate images, preview webpages

OpenAI is releasing more than 90 new plugins. These connectors—including CircleCI, GitLab, and Microsoft Suite—allow the ...

Factory hits $1.5B valuation to build AI coding for enterprises

On Wednesday, Factory, a startup developing AI agents for enterprise engineering teams, announced it had raised $150 million ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

OpenAI’s big Codex update is a direct shot at Claude Code

The package of updates comes as OpenAI’s rivalry with Anthropic intensifies, following the stellar successes of Claude Code ...
Decrypt

Claude Opus 4.7 Is Here: Anthropic’s Latest Model Delivers, But It’s a Token Eating Machine

Anthropic's new flagship model Claude Opus 4.7 beat every benchmark we threw at it, and eats tokens like a hungry teenager.
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...
TMCnet

CloudFrame Named Rising Star in ISG's 2026 Mainframe Services Research - Recognized for Deterministic Transformation at Enterprise Scale

ISG cites deterministic transformation technology, enterprise momentum in financial services and healthcare, and expanding systems integrator alliances. PRINCETON, N.J., April 14, 2026 /PRNewswire/ -- ...