CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researcher says

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
The Hacker News

ShowDoc RCE Flaw CVE-2025-0520 Actively Exploited on Unpatched Servers

ShowDoc CVE-2025-0520 exploited due to unpatched versions before 2.8.7, enabling remote code execution on 2,000+ instances.

Adobe Attacks Underway—Windows And Mac Users Given 72 Hours To Update

Adobe Acrobat and Reader users are under attack from hackers using a zero-day vulnerability. Update within 72 hours, Adobe ...
Morning Overview on MSN

Anthropic’s Mythos flags widespread software flaws, raising cyber risks

A vulnerability-discovery tool built by Anthropic has identified a serious flaw in FreeBSD’s Network File System, a component ...

Gimp 3.2.2 patches vulnerability that allows code injection with GIFs

Security vulnerabilities in Gimp allow code injection with manipulated files like GIFs. There is no update yet.

Agents hooked into GitHub can steal creds – but Anthropic, Google, and Microsoft haven't ...

Exclusive: Researchers who found the flaws scored beer money bounties and warn the problem is probably pervasive ...

Claude Mythos can hack anything, Anthropic says. Should we believe them?

Antrophic says its newest model found vulnerabilities in every major operating system and browser—and wrote exploits for them ...
Crypto2Community

Circle Explains USDC Freeze Limits After Drift Protocol Hack

Highlights: Circle has explained why it failed to freeze stolen USD during the Drift Protocol exploit. The stablecoin issuer ...