Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
LeMagIT

De LockBit à DragonForce en passant par RansomHub : sur les traces d'Evil Corp

C'est un outil spécifique utilisé à des fins de persistance après l'intrusion initiale qui a trahi l'arrivée d'Evil Corp dans ...
eWeek

Perplexity Launches ‘Personal Computer’ AI Assistant for Mac Users

Perplexity launches its “Personal Computer” AI assistant for Mac, enabling users to automate tasks across apps, files, and ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...

Most enterprises can't stop stage-three AI agent threats, VentureBeat survey finds

How mature is your AI agent security? VentureBeat's survey of 108 enterprises maps the gap between monitoring and isolation — ...
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Do not fall for this fake Windows update support site. It’s spreading a password-stealing malware

Malwarebytes warns that a fake Microsoft support site is distributing password-stealing malware through a spoofed Windows update installer ...
InfoWorld

Are AI certifications worth the investment?

Nearly 80 percent of organizations now use AI in at least one core business process, according to McKinsey, yet widespread adoption has surfaced a persistent problem: a deep shortage of professionals ...
The MercuryOpinion

The Mercury’s Sound Off for Wednesday, April 15

The Mercury’s front page on 4/7 detailed the reduction of Fentanyl deaths due to the hard work of President Trump and the ...