Dark Reading

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
Tom's Hardware on MSN

Anthropic's model context protocol includes a critical remote code execution vulnerability

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.
SecurityWeek

Critical GitHub Vulnerability Exposed Millions of Repositories

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.
CSOonline

OpenAI patches twin leaks as Codex slips and ChatGPT spills

Command injection in Codex and a hidden outbound channel in ChatGPT exposed risks of credential theft and covert data exfiltration. OpenAI has fixed two flaws in its AI stack that could allow AI ...
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...
Yahoo Finance

Azul Shows That Mean Time to Exploit Java Vulnerabilities Drops to Five Days

SUNNYVALE, Calif., March 31, 2026--(BUSINESS WIRE)--Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today highlighted growing security risks for enterprises relying ...
TechRadar

'Not just development tools': Security experts discover critical flaw in OpenAI's Codex which could compromise entire enterprise organizations

When you purchase through links on our site, we may earn an affiliate commission. Here’s how it works. BeyondTrust Phantom Labs finds critical command injection flaw in OpenAI’s ChatGPT Codex ...