InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.
SecurityWeek

Oracle’s First 2026 CPU Delivers 337 New Security Patches

Oracle patches roughly 230 unique CVEs across more than 30 products with its first Critical Patch Update (CPU) released in ...
WinBuzzer

How ‘Reprompt’ Turned Microsoft Copilot Into an Invisible Spy with One Click

Microsoft has patched a vulnerabilitz in Copilot Personal that allowed hackers to steal sensitive user data through a single ...
Dark Reading

Vulnerabilities Threaten to Break Chainlit AI Framework

Familiar bugs in a popular open source framework for AI chatbots could give attackers dangerous powers in the cloud.

Indirect prompt injection in Google Gemini enabled unauthorized access to meeting data

Miggo’s researchers describe the methodology as a form of indirect prompt injection leading to an authorization bypass. The ...
CSO Online

Google Gemini flaw exposes new AI prompt injection risks for enterprises

A calendar-based prompt injection technique exposes how generative AI systems can be manipulated through trusted enterprise ...
Dark Reading

Google Gemini Flaw Turns Calendar Invites Into Attack Vector

The indirect prompt injection vulnerability allows an attacker to weaponize Google invites to circumvent privacy controls and ...
The Hacker News

Zoom and GitLab Release Security Updates Fixing RCE, DoS, and 2FA Bypass Flaws

Zoom and GitLab have released security updates to resolve a number of security vulnerabilities that could result in denial-of ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...