The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...

Three AI coding agents leaked secrets through a single prompt injection. One vendor's system card predicted it

A prompt injection attack hit Claude Code, Gemini CLI, and Copilot simultaneously. Here's what all three system cards reveal ...
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...
SecurityWeek

Oracle Patches 450 Vulnerabilities With April 2026 CPU

The April 2026 Oracle CPU includes 481 new security patches addressing 450 unique CVEs across 28 product families.

Microsoft releases emergency patches for critical ASP.NET flaw

Microsoft has released out-of-band (OOB) security updates to patch a critical ASP.NET Core privilege escalation vulnerability ...

New npm supply-chain attack self-spreads to steal auth tokens

A new supply chain attack targeting the Node Package Manager (npm) ecosystem is stealing developer credentials and attempting to spread through packages published from compromised accounts.

I found the easiest way to encrypt files on an Android phone - and it's free to do

I found the easiest way to encrypt files on an Android phone - and it's free to do ...