Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
CSO Online

Riddled with flaws, serial-to-Ethernet converters endanger critical infrastructure

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...
SecurityWeek

Google Antigravity in Crosshairs of Security Researchers, Cybercriminals

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...
The Manila Times

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

New capability intercepts and blocks malicious code at the point of execution, closing the critical gap between vulnerability ...
Tom's Hardware on MSN

Anthropic's model context protocol includes a critical remote code execution vulnerability

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

OpenClaw-Based AI Agents Exposing 28,000 Systems to Hackers, Research Finds

The post OpenClaw-Based AI Agents Exposing 28,000 Systems to Hackers, Research Finds appeared first on Android Headlines.

Contrast Security integrates ADR with Google Security Operations for runtime app visibility in the SOC

Contrast Security integrates ADR with Google Security Operations for runtime app visibility in the SOC - SiliconANGLE ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...