SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
TechJuice

Researchers Claim Malicious Repositories Turn Claude Code Into an Ideal Hacker’s Tool

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.
American Hospital Association

H-ISAC TLP White Vulnerability Bulletin Remote Code Execution Vulnerability in Juniper Networks PTX Series

Juniper Networks recently published an advisory regarding a critical vulnerability, CVE-2026-21902, affecting Junos OS Evolved on PTX Series routers. This flaw allows an unauthenticated, network-based ...
Bleeping Computer

R language flaw allows code execution via RDS/RDX files

A new vulnerability has been discovered in the R programming language that allows arbitrary code execution upon deserializing specially crafted RDS and RDX files. R is an open-source programming ...
The Hacker News

New Chrome Vulnerability Let Malicious Extensions Escalate Privileges via Gemini Panel

Chrome CVE-2026-0628 let malicious extensions hijack Gemini panel for privilege escalation, local file access, and ...
Network World

Google discloses unpatched IE vulnerability after Patch Tuesday delay

Google’s Project Zero team has disclosed a potential arbitrary code execution vulnerability in Internet Explorer because Microsoft has not acted within Google’s 90-day disclosure deadline. This is the ...

Page Builder by SiteOrigin WordPress Vulnerability Affects Up To 500k Sites

Page Builder by SiteOrigin WordPress plugin vulnerability enables attackers to execute arbitrary server files.