A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Anthropic’s powerful Claude Mythos AI model found hundreds of vulnerabilities in Mozilla Firefox, highlighting its ...

We are at an inflection point in cybersecurity. Recent advances in AI model capabilities are changing how vulnerabilities are ...

Earlier this month, Anthropic said its Mythos Preview model was so good at finding cybersecurity vulnerabilities that the ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

Chainguard has announced a partnership with Cursor that directly addresses one of the fastest-growing risks in software development: trusting code generated by AI agents. As development workflows ...

Lovable's API exposed source code and database credentials for 48 days after the company closed a bug report. Up to 62% of AI ...

Explores Zero Trust, SBOM, and practical steps to secure the software supply chain, boost resilience, and communicate risk to leadership.

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...