CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...

Reveal Survey Identifies the Most In-Demand Technology Jobs and Skills

Talent shortages are the single biggest challenge facing technology leaders in 2026, as artificial intelligence rapidly reshapes hiring priorities, according to the new Reveal 2026 IT Talent Survey, ...
DataBreachToday

Breach Roundup: Mr. Raccoon Wants Your Password

This week, a "Raccoon"-linked actor hit help desks, Eurail exposed 308K users, Fortinet patched critical flaws, Pushpaganda ...

GitLab Extends Agentic AI with New Automated Security Remediation, Pipeline Setup, and Delivery Analytics

GitLab 18.11 helps address those gaps with platform-native agents that have access to the code, pipelines, issues, and ...

CISA flags Apache ActiveMQ flaw as actively exploited in attacks

CISA warned that attackers are now exploiting a high-severity Apache ActiveMQ vulnerability, which was patched earlier this ...

Microsoft Warns PC Users—New Windows Update May Lock You Out

New warning for Windows users. Barely 48 hours after Microsoft’s new security update went live, we had warnings that its ...

Windows 11 gets improved privacy controls, better Windows Hello, and more in new builds

Friday Windows 11 preview builds are here, offering improvements for Windows Hello, Settings, File Explorer, and more in the ...

Recently leaked Windows zero-days now exploited in attacks

Threat actors are exploiting three recently disclosed Windows security vulnerabilities in attacks aimed at gaining SYSTEM or ...
The Hacker News

Apache ActiveMQ CVE-2026-34197 Added to CISA KEV Amid Active Exploitation

CVE-2026-34197 exploited in Apache ActiveMQ; CISA KEV listing sets April 30, 2026 patch deadline, increasing enterprise RCE ...
CSO Online

Caught, Quarantined, Re-installed: RedSun turns Microsoft Defender on itself

New PoC shows how Microsoft Defender can be tricked into rewriting malicious files into protected locations, enabling ...

Why AI’s Biggest Bottleneck Isn’t Intelligence, It’s Orchestration

That gap between what enterprises need to automate and what their orchestration tools can handle is the overlooked AI ...