CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
DataBreachToday

Breach Roundup: Mr. Raccoon Wants Your Password

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...

AISLE’s Open Analyzer — Finding and fixing vulnerabilities without gated frontier models

Finding vulnerabilities is something the industry has done well, but remediating them hasn't been. Just look at how many ...

Introducing enhancements in Kiro CLI 2.0

The AWS Kiro team today is announcing v2.0, which delivers a headless mode, Windows support and an updated, refreshed user ...

Create simple UX for domain-specific languages with VS Code

Generic formats like JSON or XML are easier to version than forms. However, they were not originally intended to be ...