Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...
CSO Online

GlassWorm falls, but the repo problem is far from solved

CrowdStrike, Google, and the Shadowserver Foundation dismantled the GlassWorm malware operation, but experts say the broader ...
The Hacker News

⚡ Weekly Recap: Linux Flaws, Defender 0-Days, Router Botnets, and Supply Chain Chaos

Supply chain chaos, old bugs, smarter phishing, and botnets everywhere — here’s what broke the internet this week.

GitHub confirms 3,800 internal repos stolen through poisoned VS Code extension as supply chain worm hits Microsoft’s Python SDK

GitHub confirmed attackers stole 3,800 internal repositories via a poisoned VS Code extension. The same threat group, TeamPCP ...
TWCN Tech News

What is Full HD – Difference between HD Ready and Full HD resolution

HD or High Definition, the new gold standard for image resolution, is often used interchangeably with ‘Full HD’ to describe a product’s image resolution, which has only led to confusion. Let’s attempt ...
Investopedia

Understanding Corporate Resolutions: Definition and Key Types

Jiwon Ma is a fact checker and research analyst with a background in cybersecurity, international security, technology, and privacy policies. Before joining Investopedia, she consulted for a global ...
GitHub

Copy Fail · CVE-2026-31431

Local privilege escalation on Linux kernels from 4.11 up to (but not including) the patched 6.18 releases. The bug lives in the kernel's AF_ALG socket interface—specifically how authencesn handles ...
Microsoft

CVE-2026-31431: Copy Fail vulnerability enables Linux root privilege escalation across cloud environments

Microsoft Defender is investigating a high-severity local privilege escalation vulnerability (CVE-2026-31431) affecting multiple major Linux distributions including Red Hat, SUSE, Ubuntu, and AWS ...
The Hacker News

CISA Adds Actively Exploited Linux Root Access Bug CVE-2026-31431 to KEV

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added a recently disclosed security flaw impacting various Linux distributions to its Known Exploited Vulnerabilities (KEV) ...