The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...
Developer Tech

Google releases A2UI v0.9 to standardise generative UI

Front-end engineering is evolving as Google releases its v0.9 A2UI framework to standardise generative UI. Rather than ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...

Generative AI Digest: AI Drawn Into Geopolitics

While Anthropic's dispute with the Pentagon escalated over guardrails on military use, OpenAI LLC struck its own publicized ...

What most LLM apps get wrong about security

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Cloudflare And OpenAI Launch Agent Cloud For Enterprises

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...
Verdict on MSN

Is 'nearly right' AI generated code becoming an enterprise business risk?

Code that might appear correct but actually misses edge cases or generates inaccurate results can trigger outages, faulty ...