The Hacker News

Cohere AI Terrarium Sandbox Flaw Enables Root Code Execution, Container Escape

CVE-2026-5752 CVSS 9.3 flaw in Terrarium enables root code execution via Pyodide prototype traversal, risking container ...
The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
Geeky Gadgets

Anaconda Code add-in for Microsoft Excel

Anaconda a prominent provider of data science, machine learning, and AI solutions, has announced the public beta release of Anaconda Code within its Anaconda Toolbox for Excel. This new feature allows ...
Bleeping Computer

WhatsApp for Windows lets Python, PHP scripts execute with no warning

A security issue in the latest version of WhatsApp for Windows allows sending Python and PHP attachments that are executed without any warning when the recipient opens them. For the attack to be ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.
XDA Developers on MSN

After two months of Open WebUI updates, I'd pick it over ChatGPT's interface for local LLMs

Open WebUI has been getting some great updates, and it's a lot better than ChatGPT's web interface at this point.