The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
Bleeping Computer

Counter-Strike 2 HTML injection bug exposes players’ IP addresses

Valve has reportedly fixed an HTML injection flaw in CS2 that was heavily abused today to inject images into games and obtain other players' IP addresses. While initially thought to be a more severe ...

Operant AI Launches CodeInjectionGuard to Defend AI Agents Against Runtime Code Injection Attacks

New capability intercepts and blocks malicious code at the point of execution, closing the critical gap between vulnerability ...
Dark Reading

GitLab's AI Assistant Opened Devs to Code Theft

An indirect prompt injection flaw in GitLab's artificial intelligence (AI) assistant could have allowed attackers to steal source code, direct victims to malicious websites, and more. In fact, ...

Gimp 3.2.2 patches vulnerability that allows code injection with GIFs

Security vulnerabilities in Gimp allow code injection with manipulated files like GIFs. There is no update yet.