The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
TMCnet

Speakeasy's SDK Generator Comparison

Comparison evaluates five leading SDK generators on language coverage, runtime type safety, dependency footprint, OpenAPI ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

The cybersecurity company said the systemic vulnerability is baked into Anthropic's official MCP software development kit ...
eWeek

Adobe's Firefly Butler Juggles Photoshop, Premiere, and More

The new agent will enter public beta in the Firefly web app within weeks; anyone can join the waitlist now, and usage will draw from existing generative credit pools. Firefly's new controls add studio ...

Philadelphia Flyers’ Travis Sanheim, Sean Couturier set tone in Game 1 win over Penguins

A couple of Philly veterans got their younger, less experienced teammates settled in for playoff hockey in a strong opening ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

OpenAI drastically updates Codex desktop app to use all other apps on your computer, generate images, preview webpages

OpenAI is releasing more than 90 new plugins. These connectors—including CircleCI, GitLab, and Microsoft Suite—allow the ...

New open-source Python-based software boosts space-weather modeling

University of Birmingham experts have created open-source computer software that helps scientists understand how fast-moving ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

OpenAI’s big Codex update is a direct shot at Claude Code

The package of updates comes as OpenAI’s rivalry with Anthropic intensifies, following the stellar successes of Claude Code ...

Hackers exploit Marimo flaw to deploy NKAbuse malware from Hugging Face

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...