News

The Hacker News6m
Cursor AI Code Editor Vulnerability Enables RCE via Malicious MCP File Swaps Post Approval
The vulnerability, tracked as CVE-2025-54136 (CVSS score: 7.2), has been codenamed MCPoison by Check Point Research, owing to ...
The Hacker News3d
Cursor AI Code Editor Fixed Flaw Allowing Attackers to Run Commands via Prompt Injection
Critical flaw in Cursor AI editor let attackers execute remote code via Slack and GitHub—fixed in v1.3 update.
Flaw in Gemini CLI AI coding assistant allowed stealthy code execution
A vulnerability in Google's Gemini CLI allowed attackers to silently execute malicious commands and exfiltrate data from ...
SecurityWeek1d
Several Vulnerabilities Patched in AI Code Editor Cursor
Attackers could silently modify sensitive MCP files to trigger the execution of arbitrary code without requiring user ...
Exploit available for critical Cisco ISE bug exploited in attacks
Security researcher Bobby Gould has published a blog post demonstrating a complete exploit chain for CVE-2025-20281, an ...
Flaw in Gemini CLI coding tool could allow hackers to run nasty commands
Researchers needed less than 48 hours with Google’s new Gemini CLI coding agent to devise an exploit that made a default ...
Security Boulevard5d
Response to CISA Alert: Microsoft Releases Guidance on Exploitation of SharePoint Vulnerabilities
AttackIQ has released a new emulation that compiles the Tactics, Techniques, and Procedures (TTPs) associated with the ...
Google's Gemini CLI agent could run malicious code silently
The recently introduced Google Gemini CLI agent, which provides a text based command interface to the company's artificial ...
SecurityWeek13d
Critical Vulnerabilities Patched in Sophos Firewall
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
SDxCentral8d
Chinese cyberespionage group targets VMware, F5 vulnerabilities
Chinese-linked "Fire Ant" group exploits hypervisor and network-layer blind spots to maintain covert access across enterprise ...
SharePoint vulnerability with 9.8 severity rating under exploit across globe
The vulnerability, tracked as CVE-2025-53770, carries a severity rating of 9.8 out of a possible 10. It gives unauthenticated ...
Activision pulls Call of Duty game after PC players are hacked
Activision has taken one of its Call of Duty games down from the Microsoft Store and PC version of Game Pass, reportedly because multiple PC players had their computers compromised by hackers after ...