200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.

Hadrian Releases OpenHack, Democratizing AI Vulnerability Discovery

Hadrian today released OpenHack, a tool for AI-powered source code review that delivers high-quality results at a fraction of the cost of a human reviewer. Released under the MIT License, OpenHack ...
XDA Developers on MSN

OpenClaw promised a self-hosted AI assistant I could actually leave running, but Hermes Agent is the one that delivers it

Hermes Agent gets a lot right, and it's something I'd trust a lot more than OpenClaw.
TechCrunch

Dental practice software maker fixes bug that exposed patients’ medical records

Practice by Numbers, the developer of a patient management software used in thousands of dentists’ offices, has fixed a security flaw that exposed the private health records of patients on a portal ...
InfoWorld

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting GitHub.com and Enterprise Server. A critical remote code execution (RCE) ...
CSOonline

Critical Palo Alto Networks software bug hits exposed firewalls

A critical PAN-OS vulnerability affecting the User-ID Authentication Portal is being actively exploited to achieve unauthenticated remote code execution with root privileges on exposed firewalls. Palo ...
WBAL-TV

Parts of Baltimore County abuzz over annoying little bugs called midges. What's being done about it?

IN THE NEIGHBORHOOD. BUZZ IS ABOUT LITTLE BUGS. THEY’RE CALLED MIDGES. WE FOUND SOME SNARED IN SPIDER WEBS ON LIGHT POSTS AT A MARINA IN MIDDLE RIVER. THE AQUATIC FLIES SWARM AND BREED NEAR WATER AND ...
siliconera

Review: HoloVillage: Our Cozy Days Is a Bug-ridden Holo Indie

HoloVillage: Our Cozy Days begins by explaining that Kumarine roamed around alone, searching for a certain flower. She happened upon a small abandoned village, where she now serve as mayor with Nodaka ...
Hosted on MSN

Ghost tapping scam exposed: How thieves are charging your card without you knowing

Most Americans say Trump is mentally, physically unfit to serve effectively: Poll Video shows United flight crashing into truck on New Jersey Turnpike Land O'Lakes finally settles the debate: How long ...
Bleeping Computer

Critical cPanel and WHM bug exploited as a zero-day, PoC now available

The critical CVE-2026-41940 authentication bypass vulnerability in cPanel, WHM, and WP Squared is being actively exploited in the wild and has been leveraged in attempts since late February. It is ...
Computerworld

Edge browser leaves passwords exposed in plain text, says researcher

A Norwegian researcher has identified an issue with Microsoft Edge’s Password Manager that could be a serious concern for businesses. Tom Jøran Sønstebyseter Rønning found that passwords are being ...