A design choice in the MCP SDKs allows remote code execution across the AI supply chain.

Join Push Security's free three-part webinar series where top security researchers break down the browser-based attacks driving today's biggest breaches - from AiTM phishing and ConsentFix to ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

‘All versions of Red Hat Enterprise Linux (RHEL) are affected by [the vulnerabilities] but are not vulnerable in their default configurations,’ the IBM-owned company said. Red Hat warned Thursday that ...

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Remote terminal units, PLCs, PoS systems, and bedside patient monitors may be susceptible to remote code execution, ...

A newly disclosed vulnerability tracked as CVE-2026-32746 has put a spotlight back on a service most security teams would rather forget: telnetd. The flaw is particularly severe because it can allow ...

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...

Today is Microsoft's December 2024 Patch Tuesday, which includes security updates for 71 flaws, including one actively exploited zero-day vulnerability. This Patch Tuesday fixed sixteen critical ...

Splunk has released patches that resolve high- and medium-severity vulnerabilities in Splunk Enterprise and MCP Server.

What can you do with a cheap Linux machine with limited flash and only a single free GPIO line? Probably not much, but sometimes, just getting root to prove you can is the main goal of a project. If ...

Enterprises relying on Gladinet’s file-sharing services are faced with another round of zero-day patching, this time to block attackers from abusing cryptographic keys directly baked into its ...