SecurityWeek

GitLab Patches Code Execution, Information Disclosure Vulnerabilities

GitLab CE/EE security updates resolve 13 vulnerabilities, including high-severity code execution and information disclosure ...
The Hacker News

AutoJack Attack Lets One Web Page Hijack AI Agent for Host Code Execution

Microsoft details AutoJack exploit chain targeting AutoGen Studio MCP WebSocket in pre-release builds, enabling ...
Microsoft

Crypto Clipper uses Tor and worm-like propagation for persistence and control

Microsoft Threat Intelligence analyzed a cryptocurrency clipper campaign that combines clipboard theft, wallet replacement, ...
LinkedIn

Sovereign AI Is Not Sovereign Until Execution Is Governed

Sovereign AI is becoming one of the most important enterprise conversations of 2026. But I think the conversation is still too narrow. Most organizations define sovereign AI around where the model ...
Bleeping Computer

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web ...
GitHub

nano-claw

nano-claw/ ├── src/ │ ├── agent/ # 🧠 Core agent logic │ │ ├── loop.ts # Agent loop (LLM ↔ tool execution) │ │ ├── context.ts # Prompt builder │ │ ├── memory.ts # Persistent memory │ │ ├── skills.ts ...
The Hacker News

North Korean Hackers Are Turning Developer Tools Into Malware Delivery Channels

Proofpoint says UNK_DeadDrop sent 250+ phishing emails to nearly 100 firms, using GitHub and VS Code lures to steal credentials and wallet data.
GitHub

Model Context Protocol servers

This repository is a collection of reference implementations for the Model Context Protocol (MCP), as well as references to community-built servers and additional resources. Important If you are ...