CSO Online

Thousands of Apache ActiveMQ instances still unpatched, weeks after an actively exploited hole discovered

Now that an attacker can use an LLM to weaponize a bug the minute it's found, taking 12 days to patch ‘is essentially a ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based Antigravity Tool

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

CISA flags new SD-WAN flaw as actively exploited in attacks

CISA has given U.S. government agencies four days to secure their systems against another Catalyst SD-WAN Manager ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
InfoQ

Google ADK for Java 1.0 Introduces New App and Plugin Architecture, External Tools Support, and More

Google's Agent Development Kit for Java reached 1.0, introducing integrations with new external tools, a new app and plugin ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...

GitLab Extends Agentic AI with New Automated Security Remediation, Pipeline Setup, and Delivery Analytics

GitLab 18.11 helps address those gaps with platform-native agents that have access to the code, pipelines, issues, and ...

Azul Delivers Strong FY26 Momentum Fueled by Java Platform Innovation, Channel Expansion and a Growing Enterprise Java Ecosystem

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today announced strong corporate momentum ...

Experts flag potentially critical security issues at heart of Anthropic MCP

Anthropic sees no issues - and says the tools are working as intended.

The invisible shield: How AI is quietly protecting the software that runs your life

Last week, something alarming happened in the world of software — and almost nobody outside the tech industry noticed. A ...