Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. Google released a Chrome security update fixing two high ...

Google has released a Chrome security update addressing two high-severity vulnerabilities that could allow attackers to execute arbitrary code or cause browser ...

A critical sandbox escape vulnerability has been disclosed in the popular vm2 Node.js library that, if successfully exploited, could allow attackers to run arbitrary code on the underlying operating ...

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...

A critical security vulnerability has been disclosed in the n8n workflow automation platform that, if successfully exploited, could result in arbitrary code execution under certain circumstances. The ...

New research revealed security weaknesses in the .NET Framework that allow attackers to execute code remotely by exploiting mishandling of Simple Object Access Protocol (SOAP) messages. The findings ...

I noticed that the ExecuterAgent executes LLM-generated Python and Bash code directly on the host machine using subprocess.Popen. This is a significant security risk. Beyond the danger of a buggy ...

Networking hardware maker DrayTek released an advisory to warn about a security vulnerability in several Vigor router models that could allow remote, unauthenticated actors to execute perform ...

Oasis Security has uncovered a flaw in the widely used AI-powered code editor Cursor that lets malicious repositories silently execute code the moment a developer opens them. According to a disclosure ...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. The agency has added the ...