The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.

Actively exploited Apache ActiveMQ flaw impacts 6,400 servers

Nonprofit security organization Shadowserver found that over 6,400 Apache ActiveMQ servers exposed online are vulnerable to ...
SecurityWeek

Claude Code, Gemini CLI, GitHub Copilot Agents Vulnerable to Prompt Injection via Comments

Anthropic’s Claude Code Security Review, Google’s Gemini CLI Action, and GitHub Copilot Agent hacked via prompt injection ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...
The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...
SecurityWeek

Serial-to-IP Converter Flaws Expose OT and Healthcare Systems to Hacking

Serial-to-IP converters are affected by potentially serious vulnerabilities that can expose OT and healthcare systems to ...

Microsoft patched a Copilot Studio prompt injection. The data exfiltrated anyway.

Microsoft assigned CVE-2026-21520 to a Copilot Studio prompt injection vulnerability and patched it in January — but in ...

The AI governance mirage: Why 72% of enterprises don’t have the control and security they think they do

VentureBeat research finds 72% of enterprises are running multiple "primary" AI platforms with no clear owner — creating ...
CPO Magazine

Axios Supply Chain Attack Hits OpenAI: Users Urged to Update macOS Certificates

The supply chain attack on third-party library Axios has forced OpenAI to revoke its code-signing certificate and require ...
Blue Headlineq

Amazon RuleForge Shows What Agentic AI Security Looks Like at Real Scale

Security teams do not just have a vulnerability problem anymore. They have a translation problem. In 2025, the National Vulnerability Database published more than 48,000 new CVEs.
Supply House Times

AI is moving faster than your security policies

AI is evolving faster than the policies, security systems, and safeguards designed to manage it. The smartest companies won’t ...

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

Operant AI builds runtime security for AI agents, defending autonomous systems at the point of execution where static analysis and pre-deployment scanning cannot reach. Agent Protector provides ...