The DuneSlide vulnerabilities enable zero-click prompt injection attacks that escape Cursor's sandbox and execute arbitrary code on the underlying operating system.
Seven malicious PyPi packages were found using Gmail's SMTP servers and WebSockets for data exfiltration and remote command execution. The packages were discovered by Socket's threat research team, ...
Over 77,000 Internet-exposed IP addresses are vulnerable to the critical React2Shell remote code execution flaw (CVE-2025-55182), with researchers now confirming that attackers have already ...
Splunk systems are at risk from a remote command execution (RCE) vulnerability. Tracked as CVE-2026-20163, the flaw allows bad actors to carry out arbitrary shell commands directly on the host ...
As part of the effort to push Large Language Model (LLM) ‘AI’ into more and more places, Anthropic’s Model Context Protocol (MCP) has been adopted as the standard to connect LLMs with various external ...
Unsafe defaults in MCP configs open servers to possible remote code execution, as evidenced by several commercial services and open-source projects. AI agent building tools enable users to configure ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results