200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
The Hacker News

PyTorch Lightning and Intercom-client Hit in Supply Chain Attacks to Steal Credentials

Malicious Lightning 2.6.2/2.6.3 released April 30 enable credential theft via hidden payload, leading to PyPI quarantine and ...
The Hacker News

New Wave of DPRK Attacks Uses AI-Inserted npm Malware, Fake Firms, and RATs

Claude Opus commit added malicious npm dependency in Feb 2026, enabling crypto theft and persistent RAT access.
UK Defence Journal

SEA sets out fast-update sonar approach at UDT 2026

Dr Charlie Pearson of SEA said at UDT 2026 that a modular, software-led approach is enabling faster deployment of sonar processing for systems like KraitSense. #UDT2026 ...
The Manufacturer

The AI-powered R&D department: how agentic AI is supercharging engineering velocity

Industrial R&D teams sit on a goldmine of testing and operational data. But until now, unlocking that data required costly, ...
The Security Ledger

How Claude Planted Malicious Code In A Crypto-Trading App

A new report from ReversingLabs identified a new tactic by North Korean hackers: feeding malicious code to the AI systems ...
XDA Developers on MSN

Claude Code replaced my bloated PC optimization tools with custom scripts, and my Windows PC has never been happier

Say "no" to running dubious scripts.
How-To Geek on MSN

3 fantastic plugins to power up your Vim statusline

Avoid time-consuming configuration and get an awesome statusline right away with these convenient plugins.
Techzine Europe

SAS Viya brings data infrastructure and agentic AI closer to each other

SAS is expanding Viya with Viya Copilot, an MCP Server, and the Agentic AI Accelerator for managed, production-ready agentic ...
Newsworthy.ai

An AI Escaped Its Sandbox, Emailed a Researcher, Then Self-Published Its Own Exploit Online!

VectorCertain LLC today announced new validation results demonstrating that its SecureAgent platform successfully detected ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...