CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

The MCP Disclosure Is the AI Era’s ‘Open Redirect’ Moment

The MCP flaw reveals a systemic AI security gap, exposing enterprise systems to supply chain attacks and forcing a shift ...
Science Daily

Top Science News

Apr. 2, 2026 A mysterious Greek inscription found beneath the Great Mosque of Homs could pinpoint the long-debated location of an ancient sun temple. Scholars now think the mosque sits atop a sacred ...