New critical Exim mailer flaw allows remote code execution

A critical vulnerability affecting certain configurations of the Exim open-source mail transfer agent could be exploited by ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...

AI agents show they can create exploits, not just find vulns

Sure, AI agents such as Mythos can find security vulnerabilities in software, but the bigger question is whether they can ...
CSO Online

13 new critical holes in JavaScript sandbox allow execution of arbitrary code

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code ...
Dark Reading

'TrustFall' Convention Exposes Claude Code Execution Risk

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

Google has fixed a critical flaw in its agentic integrated developer environment (IDE) Antigravity that led to sandbox escape and remote code execution (RCE) after researchers created a proof of ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
Visual Studio Magazine

VS 2026 Joins VS Code with Integrated Cloud Agent: Assign a Task, Close the IDE, Get a PR

Visual Studio 2026 now surfaces a "Cloud" option in the Copilot Chat agent picker, bringing it in line with VS Code, which has offered cloud agent delegation for longer. The cloud agent runs on GitHub ...