A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now ...

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Overview On April 15, NSFOCUS CERT detected that Microsoft released the April Security Update patch, fixing 165 security issues involving Windows, Microsoft Office, Microsoft SQL Server, Microsoft ...

Hackers are actively exploiting a critical vulnerability in the Breeze Cache plugin for WordPress that allows uploading ...

Google Antigravity’s increasing popularity has brought the development platform into the crosshairs of researchers and ...

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

CVE-2026-33626 exploited within 13 hours of disclosure, enabling SSRF-based cloud credential theft and internal scanning.

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Mozilla has released Firefox 150 with a broad security update that fixes 41 vulnerabilities, including multiple high-impact flaws tied to memory handling, browser components and privilege controls, ...

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...