A design choice in the MCP SDKs allows remote code execution across the AI supply chain.
The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
AI-powered Minecraft modding tools are making it possible for anyone to create custom textures, mods, and plugins without writing a single line of code. From generating pixel-perfect resource packs to ...
Google's Agent Development Kit for Java reached 1.0, introducing integrations with new external tools, a new app and plugin ...
The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...
Anthropic’s Model Context Protocol, a fast-growing standard used to connect AI models with external tools and data, has come ...
On the heels of its recent release of Claude Managed Agents, Anthropic this week has released to public beta Memory on Claude ...
A compromised developer's repository serves as a worm-like infection vector to spread remote access Trojans (RATs) and other ...