CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

A single unauthenticated connection gives attackers a full shell; credential theft observed in under three minutes on honeypot servers.

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...

A routine software update for Anthropic's Claude Code tool accidentally leaked its entire source code, sparking rapid community response. Within hours, a developer rewrote the tool in Python and then ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Automation that actually understands your homelab.

A newly discovered threat actor is using Microsoft Teams, AWS S3 buckets, and custom "Snow" malware in a multipronged ...

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Hackers are exploiting a critical vulnerability in Marimo reactive Python notebook to deploy a new variant of NKAbuse malware ...