InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

Cloudflare expands Agent Cloud with new tools to build and scale AI agents

Cloudflare Inc. today announced an expansion of its Agent Cloud with new features that are designed to help developers build, deploy and scale agents. The new release includes a suite of ...
Security Boulevard

This fake Windows support website delivers password-stealing malware

A convincing Microsoft lookalike tricks users into downloading malware that steals passwords, payments, and account access.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...

Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot

Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...
The Hacker News

OpenAI Revokes macOS App Certificate After Malicious Axios Supply Chain Incident

OpenAI revoked its macOS signing certificate after a malicious Axios dependency incident on March 31, 2026, preventing ...
InfoWorld

Microsoft’s new Agent Governance Toolkit targets top OWASP risks for AI agents

The open-source project maps directly to OWASP’s top 10 agentic AI threats, aiming to curb issues like prompt injection, ...

How a Hacker Used Claude and ChatGPT to Breach Multiple Government Agencies?

Discover how a hacker exploited Claude and ChatGPT to breach government agencies. Learn about the AI-driven tactics used to ...

MCP, Agent Tool Access And The New Execution-Layer Security Gap

The execution layer has already shifted from humans to machines. This transition is not a future trend; it is the current ...

Hackers use Claude and ChatGPT to breach government agencies

Nine Mexican government agencies targeted by a single attacker with two AI tools.
Microsoft

Storm-1175 focuses gaze on vulnerable web-facing assets in high-tempo Medusa ransomware operations

The financially motivated cybercriminal threat actor Storm-1175 operates high-velocity ransomware campaigns that weaponize ...

Cloudflare Expands Its Agent Cloud to Power the Next Generation of Agents

As the way software is built fundamentally changes, Cloudflare introduces the infrastructure to power millions of autonomous, ...