Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
SecurityWeek

AI Coding Agents Could Fuel Next Supply Chain Crisis

Researchers demonstrate how attackers can weaponize trusted repositories to hijack AI coding assistants and compromise ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

Google has fixed a critical flaw in its agentic integrated developer environment (IDE) Antigravity that led to sandbox escape and remote code execution (RCE) after researchers created a proof of ...
InfoWorld

Visual Studio Code 1.115 introduces VS Code Agents app

Preview of new companion app allows developers to run multiple agent sessions in parallel across multiple repos and iterate on human and agent reviews. Visual Studio Code 1.115, the latest release of ...
VentureBeat

In the wake of Claude Code's source code leak, 5 actions enterprise security leaders should take now

Every enterprise running AI coding agents has just lost a layer of defense. On March 31, Anthropic accidentally shipped a 59.8 MB source map file inside version 2.1. ...
Polygon

Super Mario Bros. players uncover the biggest glitch in the game's 40-year history

Over 40 years after its release, you'd think that there would be no more secrets to be found in Super Mario Bros. A group of dedicated speedrunners just smashed that theory, discovering a ...
Fox News

Florida Supreme Court keeps ex-cop's execution on hold after DNA test fails to give a clear answer

The execution of a former police officer convicted of murdering and raping a young girl nearly 40 years ago will remain on hold after the state Supreme Court on Monday denied the state’s request to ...
InfoWorld

Vim and GNU Emacs: Claude Code helpfully found zero-day exploits for both

A simple prompt sent Claude Code on a mission that uncovered major security vulnerabilities in popular text editors — and then suggested ways to exploit them. Developers can spend days using fuzzing ...
Ars Technica

Entire Claude Code CLI source code leaks thanks to exposed map file

The entire source code for Anthropic’s Claude Code command line interface application (not the models themselves) has been leaked and disseminated, apparently due ...
Tampa Bay Times

DNA results come back inconclusive for Florida ex-cop facing execution

James Duckett was granted a rare stay of execution Thursday ahead of his scheduled lethal injection on Tuesday. The state is asking for the stay to be lifted. James Duckett appears in a photo taken on ...
TechCrunch

Anthropic hands Claude Code more control, but keeps it on a leash

For developers using AI, “vibe coding” right now comes down to babysitting every action or risking letting the model run unchecked. Anthropic says its latest update to Claude aims to eliminate that ...