CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Open WebUI has been getting some great updates, and it's a lot better than ChatGPT's web interface at this point.

Perplexity launches its “Personal Computer” AI assistant for Mac, enabling users to automate tasks across apps, files, and ...

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Google launches a native Gemini app for macOS with instant shortcut access, screen awareness, and deep integrations for a ...

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...

Kimi K2.6 builds on Kimi K2.5 with stronger coding, better tool use, lower hallucination rates, native multimodal input, and ...

A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

An unpatched vulnerability in Anthropic's Model Context Protocol creates a channel for attackers, forcing banks to manage the ...

Top photo ID apps leak user data - over 150,000 thought to have been affected; Huge data leak of 149 million credentials ...