CSO Online

Prompt injection turned Google’s Antigravity file search into RCE

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
heise online

FortiClient EMS: Critical code-injection vulnerability is being exploited

A zero-day vulnerability exists in FortiClient EMS, which attackers are already exploiting in the wild. This allows them to inject and execute malicious code without prior authentication. Fortinet ...
Security Boulevard

CISA Warns of Craft CMS Code Injection Vulnerability Exploited in Attacks

This issue matters because it involves a remote, unauthenticated code execution path in a content management system that CISA has already confirmed is being exploited in the wild. For CISOs, the ...
TechCrunch

Anthropic hands Claude Code more control, but keeps it on a leash

For developers using AI, “vibe coding” right now comes down to babysitting every action or risking letting the model run unchecked. Anthropic says its latest update to Claude aims to eliminate that ...
Dark Reading

How AI Coding Tools Crushed the Endpoint Security Fortress

RSAC 2026 CONFERENCE – San Francisco – Artificial intelligence has been hailed by many as a game changer for cybersecurity, but one researcher believes these new tools are systemically undermining ...