200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's how to audit your deployments.
i-SCOOP

Composer 2.5 in Cursor is built for long running coding work

Composer 2.5 brings stronger long running coding performance to Cursor, with targeted RL, Kimi K2.5 foundations, new pricing, ...

Microsoft Confirms Active 0-Day Exploit—Check Emergency Mitigation

Microsoft Exchange users are urged to mitigate a zero-day vulnerability that CISA has confirmed is under active exploitation.
Space Coast Daily

The Most Expensive Java Bugs in History: Vulnerabilities That Shook the Industry

Java has powered the world's most critical software for nearly three decades — from banking platforms and healthcare systems to enterprise applications and Android apps.

New Windows 'MiniPlasma' zero-day exploit gives SYSTEM access, PoC released

A cybersecurity researcher has released a proof-of-concept exploit for a Windows privilege escalation zero-day dubbed ...
Bleeping Computer

Exploit available for new DirtyDecrypt Linux root escalation flaw

A recently patched local privilege escalation vulnerability in the Linux kernel's rxgk module now has a proof-of-concept exploit that allows attackers to gain root access on some Linux systems. Named ...
Microsoft

From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

A multi-stage attack on Linux devices began with an exposed F5 BIG-IP edge appliance and pivoted to an internal Confluence ...
CSOonline

‘Trivial’ exploit can give attackers root access to Linux kernel

Experts say until the distros release patches, CSOs have to beware of unauthorized privilege escalation; Kubernetes container escape is also a risk. CSOs must ensure their Linux-based systems block ...
Ars Technica

The most severe Linux threat to surface in years catches the world flat-footed

Publicly released exploit code for an effectively unpatched vulnerability that gives root access to virtually all releases of Linux is setting off alarm bells as defenders scramble to ward off severe ...
Hosted on MSN

Apple Releases Emergency iOS Update For These iPhones To Fix Coruna Exploit: Check If Your Device Is Affected

If you still have an older iPhone, think iPhone 8, iPhone 7, or even an iPhone 6s, this is one software update you genuinely shouldn't skip. Cupertino-based tech giant Apple has pushed out iOS 15 and ...
Graham Cluley

Smashing Security podcast #466: Meta sees everything, Copy Fail, and a deepfake gets hired

Meta’s smart glasses promise privacy “designed for you” – but everything they record was being beamed off to workers in Nairobi to label by hand. When those workers blew the whistle, Meta sacked all ...
Forbes

EA UFC 6 Reveal Trailer: Here's How To Watch It

Forbes contributors publish independent expert analyses and insights. Brian Mazique has covered combat sports and video games since 2011. This voice experience is generated by AI. Learn more. This ...