An attacker pushed a malicious version of the popular elementary-data package Python Package Index (PyPI) to steal sensitive ...

People hacking branded AI bots can result in significant reputational, financial, and legal consequences. There appears to be ...

Anthropic fixed a significant vulnerability in Claude Code's handling of memories, but experts caution that memory files will ...

Every secure API draws a line between code and data. HTTP separates headers from bodies. SQL has prepared statements. Even email distinguishes the envelope from the message. The Model Context Protocol ...

Google is rolling out Gemini in Chrome across seven APAC markets, adding in-browser AI tools for summaries, image edits, and ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

As AI agents increasingly rely on third-party API routers, criminals are using this dependence to trick users and inject malicious code into their machines.