An internal Google memo, first circulated in early April 2026 and since described by multiple people familiar with its ...

A multi-tenant authentication gap in Microsoft’s AI operations agent exposed live command streams, internal reasoning, and ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Back in 2019, AI attracted attention for producing quirky, weird content. By 2022, it was producing occasionally passable ...

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Automation that actually understands your homelab.

A critical flaw in Python tool Marimo was exploited within 10 hours of disclosure, researchers report, highlighting how quickly attackers are now turning vulnerability advisories into real-world ...

Over 1,000 exposed ComfyUI instances exploited via unauthenticated code execution, enabling Monero mining and botnet expansion.

Add working directories to your OpenCode session — inspired by Claude Code's /add-dir command. When you need an agent to read, edit, or search files outside the current project, this plugin grants ...