Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

CISA flags new SD-WAN flaw as actively exploited in attacks

CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...
InfoQ

Google ADK for Java 1.0 Introduces New App and Plugin Architecture, External Tools Support, and More

Google's Agent Development Kit for Java reached 1.0, introducing integrations with new external tools, a new app and plugin ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

GitLab Extends Agentic AI with New Automated Security Remediation, Pipeline Setup, and Delivery Analytics

GitLab 18.11 helps address those gaps with platform-native agents that have access to the code, pipelines, issues, and ...
CSO Online

NIST cuts down CVE analysis amid vulnerability overload

The agency will only add enrichment details to CVEs in limited cases going forward, prioritizing known exploited flaws and ...

Azul Delivers Strong FY26 Momentum Fueled by Java Platform Innovation, Channel Expansion and a Growing Enterprise Java Ecosystem

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today announced strong corporate momentum ...

Experts flag potentially critical security issues at heart of Anthropic MCP

Anthropic sees no issues - and says the tools are working as intended.

SAP Patchday: One critical SQL injection vulnerability – and 18 others

On the April Patchday, SAP addresses vulnerabilities with 19 security notes. One critical vulnerability allows the injection ...