200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Mistral AI launches Workflows, a Temporal-powered orchestration engine already running millions of daily executions

Mistral AI launches Workflows, a Temporal-powered orchestration platform for enterprise AI that automates mission-critical ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
The Hacker News

ThreatsDay Bulletin: SMS Blaster Busts, OpenEMR Flaws, 600K Roblox Hacks and 25 More Stories

SMS blasters, npm supply chain hits, and unpatched Windows flaws. Stay ahead of new phishing kits and exposed servers.
Infosecurity Magazine

Deep#Door Python Backdoor Evades Detection On Windows

A stealthy Python-based backdoor framework capable of long-term surveillance and credential theft has been identified ...
SecurityWeek

Sophisticated Deep#Door Backdoor Enables Espionage, Disruption

The stealthy Python-based backdoor framework deploys a persistent Windows implant likely designed for espionage.
The Hacker News

New Python Backdoor Uses Tunneling Service to Steal Browser and Cloud Credentials

DEEP#DOOR embeds a Python RAT in a dropper script, using bore[.]pub C2 to steal credentials and evade Windows defenses, ...
Arabian Post

LeRobot flaw exposes robotics AI servers

Hugging Face’s LeRobot robotics framework is facing scrutiny after disclosure of a critical remote code execution ...