The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
The Hacker News

Critical Splunk Enterprise Flaw Lets Attackers Run Code Without Authentication

Splunk issued security updates for a critical CVSS 9.8 vulnerability in Splunk Enterprise that allows unauthenticated remote ...

Ivanti: Max severity Sentry flaw allows code execution as root

Ivanti has patched two critical vulnerabilities in its Sentry secure mobile gateway solution, including a maximum-severity ...
Microsoft

Beyond the benchmark: Advancing security at AI speed

Read how Microsoft Security has advanced its agentic vulnerability detection system, codename MDASH, integrating into ...
SecurityWeek

Hackers Exploit Langflow Vulnerability for Remote Code Execution

Hackers are exploiting CVE-2026-5027, a high-severity path traversal issue in Langflow, for remote code execution.

New unpatchable exploit targets Apple devices with A12 and A13 chips

Researchers at Paradigm Shift have published the technical details of usbliter8, a new unpatchable iPhone BootROM ...
CSO Online

Claude Code has an MCP security problem — and your developers are already using it

Claude Code is Anthropic’s AI coding assistant — a command-line tool that developers are adopting fast. It connects to ...
SecurityWeek

Chrome and Firefox Updated to Patch Critical, High-Severity Vulnerabilities

Chrome 149 and Firefox 152 updates include patches for 73 vulnerabilities, including multiple memory safety bugs.

UpdraftPlus Vulnerability Exposes 3 Million WordPress Sites

Attackers can bypass WordPress authentication, run commands as an administrator, and then install malicious plugins on ...

GitHub announces npm security changes to tackle supply-chain attacks

GitHub has announced that npm v12, expected next month, will introduce several security-focused changes aimed at blocking ...
Geeky Gadgets

LangChain Sandbox Run Untrusted Python Safely for AI Agents

Would you trust an AI agent to run unverified code on your system? For developers and AI practitioners, this question isn’t just hypothetical—it’s a critical challenge. The risks of executing ...