The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
Make Tech Easier

FileWizard: The Ultimate Tool for Converting and Managing Files

FileWizard lets you convert documents, extract text, transcribe audio and manage files on your own computer without uploading ...

This new LinkedIn phishing scam is targeting executives

Here's what to look out for ...

How to strip AI from Chrome, Edge, and Firefox with one simple script

How to strip AI from Chrome, Edge, and Firefox with one simple script ...
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that attackers are actively exploiting.

CFOs are now getting their own 'vibe coding' moment thanks to Datarails

The promise of the new agents is to solve the fragmentation problem that plagues finance departments. Unlike a sales leader ...
SecurityWeek

Chainlit Vulnerabilities May Leak Sensitive Information

Vulnerabilities in Chainlit could be exploited without user interaction to exfiltrate environment variables, credentials, ...
The Hacker News

North Korea-Linked Hackers Target Developers via Malicious VS Code Projects

North Korean hackers abuse Visual Studio Code task files in fake job projects to deploy backdoors, spyware, and crypto miners ...
Dark Reading

DPRK Actors Deploy VS Code Tunnels for Remote Hacking

A spear-phishing campaign tied to the Democratic People's Republic of Korea (DPRK) uses trusted Microsoft infrastructure to ...

Reminders sent to 13,000 students in Waterloo region with outdated vaccination records

Region of Waterloo Public Health has issued notices to more than 13,000 students about out-of-date vaccination records. If ...
SecurityWeek

‘SolyxImmortal’ Information Stealer Emerges

The Python-based information stealer SolyxImmortal uses legitimate APIs and libraries for stealthy data gathering and ...
CSO Online

Misconfigured demo environments are turning into cloud backdoors to the enterprise

Beyond this, Yaffe advised enterprises to “inventory everything” to establish a complete, up-to-date picture of all cloud ...