Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

Its Mythos Preview model, which can allegedly find and exploit critical zero-days, also comes with certain controls, the ...