A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

New research reveals that AI agents—like OpenClaw—are exposing thousands of systems to hackers, posing notable security risks ...

A code execution vulnerability in the Unity game engine could be exploited to achieve code execution on Android and privilege escalation on Windows. Unity is a cross-platform game engine and ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

Secure software execution has become a critical concern as modern computing systems, ranging from embedded devices to enterprise platforms, face increasingly sophisticated adversaries. Recent studies ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

Microsoft has released its August 2025 Patch package, a cumulative set of updates addressing more than 100 vulnerabilities across a host of its products. Microsoft’s SharePoint Server Remote Code ...

What if your code could think beyond syntax, anticipating bugs, predicting outcomes, and even reasoning through complex problems? Enter Meta’s Code World Model (CWM-32B), a innovative leap in ...