The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
Security Boulevard

500,000 Vulnerabilities, 14 That Matter: How Exploit Chain Analysis Cuts Through the Noise

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...
American Banker

Unpatched AI flaw poses risk to banking sector

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...
SecurityWeek

Progress Patches Multiple Vulnerabilities in MOVEit WAF, LoadMaster

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.
CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.