The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...

Python libraries used in top AI and ML tools hacked

The bugs have been fixed, so users should patch now, experts warn.

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...

Some worrying security flaws were found in Anthropic's official Git MCP

Here's what happened next ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

Microsoft January 2026 Patch Tuesday fixes 3 zero-days, 114 flaws

Today is Microsoft' 2026 Patch Tuesday with security updates for 114 flaws, including one actively exploited and two publicly ...
Security Boulevard

Anthropic, Microsoft MCP Server Flaws Shine a Light on AI Security Risks

Researchers with Cyata and BlueRock uncovered vulnerabilities in MCP servers from Anthropic and Microsoft, feeding ongoing security worries about MCP and other agentic AI tools and their dual natures ...

MIT’s new ‘recursive’ framework lets LLMs process 10 million tokens without context rot

While standard models suffer from context rot as data grows, MIT’s new Recursive Language Model (RLM) framework treats ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...