CVE-2026-34040 lets attackers bypass some Docker authentication plugins by allowing an empty request body. Present since 2024, this bug was caused by a previous fix to the auth workflow. In the ...

▲头图由AI辅助生成 智东西 编译 | 陈佳 编辑 | 程茜 智东西4月17日消息， 4月15日以色列网络安全公司OX Security发布研究报告，指出Anthropic主导开发和维护的模型上下文协议（MCP）存在架构级安全漏洞。该漏洞已影响超过3 ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Android Package (APK) malformation has emerged as a standard Android malware evasion tactic, with the technique identified in more than 3000 malicious samples across families including Teabot, TrickMo ...

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...

A cybersecurity researcher says Recall’s redesigned security model does not stop same-user malware from accessing plaintext ...

Anthropic sees no issues - and says the tools are working as intended.

Code that might appear correct but actually misses edge cases or generates inaccurate results can trigger outages, faulty ...

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...

Breakdown of the Trivy GitHub Actions attack, including workflow misconfigurations, token theft, and supply chain exposure.

Microsoft is exploring OpenClaw-like bots for Microsoft 365 Copilot, signaling a bigger push into enterprise AI agents, ...