Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

How I vibe-coded a web tool in three days with no programming experience

AI chatbots make it possible for people who can’t code to build apps, sites and tools. But it’s decidedly problematic.
eWeek

Apple, Google Face Scrutiny as ‘Nudify’ Apps Hit 483M Downloads

TTP says Apple and Google app stores surfaced ‘nudify’ apps tied to 483 million downloads through search results, ads, and ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
American Banker

Unpatched AI flaw poses risk to banking sector

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...
The Next Web

Google just launched its agentic enterprise play, and it runs from chip to inbox

Google launches AI agent suite at Cloud Next 2026 with Workspace Studio, A2A protocol at 150 orgs, and Project Mariner. The pitch: only Google owns the full stack.
Dark Reading

UNC6692 Combines Social Engineering, Malware, Cloud Abuse

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
The Droid Guy

I Spent 24 Hours Benchmarking GPT-5.5 Against Claude Opus 4.7 — Here Is What Actually Happened

Within hours I paused an ongoing Opus 4.7 benchmark, swapped the API keys, and ran the exact same methodology on ...
TMCnet

SAS advances its AI-ready data management foundation for industry agents and automation, with governance built-in

Integrated analytics and AI-driven automation help enterprises prepare, govern and activate data for trusted AI at scale.