CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...
Dark Reading

'Contagious Interview' Attack Now Delivers Backdoor Via VS Code

Once trust is granted to the repository's author, a malicious app executes arbitrary commands on the victim's system with no ...

GoodData Announces Launch of MCP Server to Let AI Execute Analytics End-To-End

SAN FRANCISCO, CALIFORNIA / ACCESS Newswire / / GoodData, a leader in AI analytics and decision intelligence, today ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

Kilo launches AI-powered Slack bot that ships code from a chat message

Kilo Code, an open-source AI coding startup backed by GitLab cofounder Sid Sijbrandij, launched Kilo for Slack to turn Slack ...
Hosted on MSN

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...

Jamf has a warning for macOS vibe coders

Just yesterday, we noted the growing threat of ransomware. Now, Jamf Threat Labs is warning that North Korean threat actors ...
Forbes

Programming In The Age Of AI: Why Code Still Matters

Forbes contributors publish independent expert analyses and insights. Amir is Founder of AI unicorn Avathon & Boeing/SC JV, SkyGrid. Recently, a friend asked me a question that's been floating around ...