200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
The Hacker News

New Linux 'Copy Fail' Vulnerability Enables Root Access on Major Distributions

CVE-2026-31431 CVSS 7.8 flaw since 2017 enables root via 732-byte exploit, impacting major Linux distributions.

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...
FedScoop

Federal judge grants preliminary injunction in challenge to DOGE record access at OPM

Protesters gather outside of the Theodore Roosevelt Federal Building headquarters of the U.S. Office of Personnel Management on February 03, 2025 in Washington, DC. The group of federal employees and ...

Runpod Launches Flash: The Fastest Way to Deploy AI Inference

Runpod Flash is an open-source Python SDK that removes the infrastructure overhead between writing AI code and running it in ...

Anaconda Releases Desktop in Public Beta, Unifying AI Development Workflow

Anaconda, an infrastructure provider for the Python community, has released Anaconda Desktop in public beta, designed for AI ...
Security Boulevard

Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework

Home » Security Bloggers Network » Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude Code to Compromise the CAP Framework The post Shai-Hulud Strikes SAP: Supply Chain Worm Weaponized Claude ...

A founder says Cursor's AI agent deleted his startup's database, causing chaos for customers

The founder of PocketOS said that a Cursor AI agent running on Anthropic's Claude Opus model was behind the "destructive ...

An AI agent allegedly deleted a startup's production database, causing a huge outage

People are trusting their AI agents with much more important work, but doing so still carries significant risks. Just ask ...

AI coding agent running Claude wiped a startup's database (and its backups) in 9 seconds

PocketOS, which provides software to car rental businesses, was using the agent against live infrastructure rather than ...
eWeek

Claude Wiped a Database in 9 Seconds After ‘Guessing Instead Of Verifying’

A PocketOS founder says a Claude-powered Cursor agent deleted a live database and backups in nine seconds after guessing ...