CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Seal Security Launches Mythos Readiness Program to Close the "Silent Patch Gap" Between Fix Commits and CVE Advisories

Research shows 94% of CVE fix commits are pushed publicly before the advisory - a median 11-day window in which attackers can now weaponize a bug in minutes using frontier AI agents. The program ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

AISLE’s Open Analyzer — Finding and fixing vulnerabilities without gated frontier models

Finding vulnerabilities is something the industry has done well, but remediating them hasn't been. Just look at how many ...

Final Android 17 Beta 4 Released Before Stable Released (Download)

Google has released Beta 4 — the last scheduled beta before stable. It fixed over a dozen critical bug, from charging ...