Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

The security defects could be exploited for remote code execution, OS command injection, and WAF detection bypass.

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

The prompt injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

Microsoft fixes 169 vulnerabilities including exploited SharePoint CVE-2026-32201, prompting CISA remediation by April 28, ...

A prompt injection flaw in Google’s Antigravity IDE turns a file search tool into a remote code execution vector, bypassing ...

When 500,000 Findings Hide 14 Real Threats Modern enterprises ingest vulnerability data from dozens of sources: endpoint ...

This month’s threat landscape is ‘defined by immediate, real-world exploitation rather than just theoretical vulnerabilities, ...

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

Microsoft fixes 167 bugs in April Patch Tuesday, including critical and zero-day vulnerabilities affecting Windows and Office ...

The discovery involves a vulnerable GitHub workflow, within the Windows-driver-samples repository. Tenable Research has ...