CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
Infosecurity Magazine

Attackers Exploit DVR Command Injection Flaw to Deploy Mirai-Based Botnet

FortiGuard Labs has identified a Mirai-based Nexcorium campaign actively exploiting CVE-2024-3721 in TBK DVR devices ...
SecurityWeek

Fortinet Patches Critical FortiSandbox Vulnerabilities

Fortinet patched 27 vulnerabilities, including two critical FortiSandbox flaws leading to authentication bypass and code ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Critical Nginx UI auth bypass flaw now actively exploited in the wild

A critical vulnerability in Nginx UI with Model Context Protocol (MCP) support is now being exploited in the wild for full ...

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
SecurityWeek

Unsecured Perforce Servers Expose Sensitive Data From Major Orgs

A researcher analyzed internet-facing Perforce P4 servers and found that many are still misconfigured, exposing highly ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...

Microsoft’s Patch Tuesday release for April is a whopper

Nearly every major product family needs immediate patching, from Windows to Office to Microsoft Edge, SQL Server, and even ...
The Hacker News

Actively Exploited nginx-ui Flaw (CVE-2026-33032) Enables Full Nginx Server Takeover

CVE-2026-33032 exposes nginx-ui to unauthenticated takeover via MCP endpoint, impacting 2,600+ instances with active ...
Healio

Headline News

SAN FRANCISCO — A speaker at ACP’s Internal Medicine Meeting discussed several articles recently published in Annals of Internal Medicine that are of particular relevance to primary care providers.