InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

What most LLM apps get wrong about security

When Nandakishore Leburu was building LLM applications at LinkedIn, he learned that the models weren't the problem. The ...

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.
The Hacker News

Marimo RCE Flaw CVE-2026-39987 Exploited Within 10 Hours of Disclosure

Marimo CVE-2026-39987 exploited within 10 hours of disclosure, enabling unauthenticated RCE and credential theft, emphasizing urgent patching needs.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Meta researchers introduce 'hyperagents' to unlock self-improving AI for non-coding tasks

Meta's new hyperagent framework breaks the AI "maintenance wall," allowing systems to autonomously rewrite their own logic ...

Google shoehorned Rust into Pixel 10 modem to make legacy code safer

To protect the Pixel modem from zero-day attacks, Google focused on the DNS parser. As cellular features have migrated to ...

I vibe coded a feed reading web app. It was enlightening and uncomfortable

Back in 2019, AI attracted attention for producing quirky, weird content. By 2022, it was producing occasionally passable ...

Cloudflare And OpenAI Launch Agent Cloud For Enterprises

Cloudflare expands Agent Cloud with OpenAI GPT-5.4 integration and isolate-based Dynamic Workers, challenging containers as ...
eWeek

OpenAI Rolls Out Locked-Down GPT-5.4-Cyber Model

A new model so sharp OpenAI put childproof caps on it. OpenAI has rolled out GPT-5.4-Cyber, a fine-tuned cousin of its ...
Decrypt

'Nothing Ever Happens': This Bot Always Bets 'No' on Polymarket, And It Has a Point

Sterling Crispin's 'Nothing Ever Happens' bot automatically buys "No" on every non-sports Polymarket it finds. It's not that ...
Boing Boing on MSN

An open-source bot that only bets no on Polymarket is making money

Sterling Crispin, an artist and engineer, built a Python bot called Nothing Ever Happens that does one thing on Polymarket - ...