IT之家4 月 16 日消息，网络安全公司 OX Security 昨日（4 月 15 日）发布报告，披露 Anthropic 的 MCP（模型上下文协议）存在设计缺陷，可导致远程代码执行。 该设计缺陷影响范围极广，导致超过 20 万台 AI 服务器面临远程代码执行风险。 IT之家注：MCP 全称为 Model Context Protocol，是 Anthropic 公司于 2024 年 11 ...

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

A severe cross-site-scripting (XSS) vulnerability in DNN, a popular open-source content management platform, allows attackers ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Secure software execution has become a critical concern as modern computing systems, ranging from embedded devices to enterprise platforms, face increasingly sophisticated adversaries. Recent studies ...

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...

Today is Microsoft's April 2026 Patch Tuesday with security updates for 167 flaws, including 2 zero-day vulnerabilities.

Trusted Execution Environments (TEEs) constitute a critical component in modern security architectures by establishing isolated processing domains within standard computing platforms. These ...

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist malicious code. Threat actors behind the long-running Contagious Interview ...