The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
SecurityWeek

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

The Pixel 10 is getting a major security boost you'll never actually see

Google is bringing memory-safe Rust code to the Pixel 10 modem to protect users from remote hacking and memory-safety ...
SecurityWeek

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters are affected by potentially serious vulnerabilities that can expose OT and healthcare systems to ...
The Hacker News

Microsoft Issues Patches for SharePoint Zero-Day and 168 Other New Vulnerabilities

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

From defence tool to risk factor: Understanding Anthropic's Mythos AI model

From uncovering decades-old vulnerabilities to autonomously building exploits, Anthropic's Mythos AI frontier model is ...

Explained: What is Pegasus spyware that CIA used to hack into phones of Iranian leadership

The CIA reportedly used Israeli-made Pegasus spyware to deceive Iran during a mission to rescue a downed US airman. The ...
Infosecurity Magazine

Microsoft Fixes Two Zero-Days in April Patch Tuesday

Microsoft published a higher-than-usual list of fixes for CVEs as part of its monthly Patch Tuesday update round yesterday, ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Council on Foreign RelationsOpinion

Six Reasons Claude Mythos Is an Inflection Point for AI—and Global Security

Anthropic’s new AI model has taught itself to hack into software infrastructure systems believed to be among the most secure ...
Computer Weekly

April Patch Tuesday brings zero-days in Defender, SharePoint Server

The latest monthly Patch Tuesday update from Microsoft landed earlier on 14 April, including two notable zero-day flaws amid ...