The Hacker News

Critical Grist-Core Vulnerability Allows RCE Attacks via Spreadsheet Formulas

A critical Grist-Core flaw (CVE-2026-24002, CVSS 9.1) allows remote code execution through malicious formulas when Pyodide ...
InfoWorld

Gemini Flash model gets visual reasoning capability

Agentic Vision combines visual reasoning with code execution to ground answers in visual evidence, delivering a 5% to 10% ...

Gemini Flash 3 gets ‘Agentic Vision’ for smarter image responses

Google's new ‘Agentic Vision’ capability in Gemini Flash 3 claims to reduce hallucinations and provide more accurate ...
Infosecurity Magazine

Pyodide Sandbox Escape Enables Remote Code Execution in Grist-Core

A critical sandbox escape vulnerability in Grist-Core has been disclosed that allows remote code execution (RCE) through a ...
9to5Google

Gemini 3 Flash’s new ‘Agentic Vision’ improves image responses

Agentic Vision is a new capability for Gemini 3 Flash to make image-related tasks more accurate by “grounding answers in visual evidence.” ...
DATAQUEST

Anthropic debuts Claude Interactive for real-time collaborative work

Anthropic debuts Claude Interactive, a live workspace for real-time code execution, data visualisation, and document editing ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...

Popular Python libraries used in Hugging Face models subject to poisoned metadata attack

The open-source libraries were created by Salesforce, Nvidia, and Apple with a Swiss group Vulnerabilities in popular AI and ...
Dark Reading

AsyncRAT Malware Infests Orgs via Python & Cloudflare

The phishing campaign shows how attackers continue to weaponize legitimate cloud services and open source tools to evade ...

MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

Experts flag around 800,000 Telnet servers exposed to remote attacks

Hackers are hunting for vulnerable endpoints to deploy Python malware.

MIT’s new ‘recursive’ framework lets LLMs process 10 million tokens without context rot

While standard models suffer from context rot as data grows, MIT’s new Recursive Language Model (RLM) framework treats ...