Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...
The Hacker News

ThreatsDay Bulletin: $290M DeFi Hack, macOS LotL Abuse, ProxySmart SIM Farms +25 New Stories

ThreatsDay Bulletin: active exploits, supply chain attacks, AI abuse, and stealth data risks observed this week.
Agence France-Presse

SymphonyAI Launches Eight AI Applications Purpose-Built for Energy Asset Reliability and Operational Performance

SymphonyAI, a global leader in Vertical AI platforms, today announced eight new industrial AI applications purpose-built for energy operators, marking the most targeted expansion of IRIS Foundry into ...