CSOonline

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

A critical pre-authentication remote code execution vulnerability in Marimo, an open-source Python notebook platform owned by AI cloud company CoreWeave, was exploited in the wild less than 10 hours ...
heise online

Attackers are targeting the Python notebook Marimo

As indicated by a warning message, the authentication in the context of the WebSocket endpoint /terminal/ws is broken, and attackers can exploit the “critical” vulnerability (CVE-2026-39987) without ...
Bleeping Computer

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware hosted on Hugging Face Spaces. Attacks leveraging the remote code ...
Bleeping Computer

Critical Marimo pre-auth RCE flaw now under active exploitation

Hackers started exploiting a critical vulnerability in the Marimo open-source reactive Python notebook platform just 10 hours after its public disclosure. The flaw allows remote code execution without ...
Daily Express

Monty Python

See today's front and back pages, download the newspaper, order back issues and use the historic Daily Express newspaper archive.