The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...

Generative AI Digest: AI Drawn Into Geopolitics

While Anthropic's dispute with the Pentagon escalated over guardrails on military use, OpenAI LLC struck its own publicized ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Newser on MSN

AI-assisted hackers blamed for massive security breach

Hackers just showed how much damage a few people with AI tools can do. Cybersecurity firm Gambit Security says a small group ...

Experts flag potentially critical security issues at heart of Anthropic MCP

Anthropic sees no issues - and says the tools are working as intended.

Cloudflare And OpenAI Launch Agent Cloud For Enterprises

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
Hackaday

This Week In Security: Flatpak Fixes, Android Malware, And SCADA Was IOT Before IOT Was Cool

Rowhammer attacks have been around since 2014, and mitigations are in place in most modern systems, but the team at gddr6.fail has found ways to apply the attack to current-generation GPUs.
TechRepublic

surveillance systems

China-linked hackers breached an FBI surveillance system, exposing sensitive investigation data and prompting a “major incident” classification. TechRepublic Get the web's best business technology ...
Infosecurity-magazine.com

Security Researchers Sound the Alarm on Vulnerabilities in AI-Generated Code

Vibe coding tools like Anthropic's Claude Code are flooding software with new vulnerabilities, Georgia Tech researchers have warned. At least 35 new common vulnerabilities and exposures (CVE) entries ...