GitHub fixes RCE flaw that gave access to millions of private repos

In early March, GitHub patched a critical remote code execution vulnerability (CVE-2026-3854) that could have allowed ...
InfoWorld

Critical GitHub RCE bug exposed millions of repositories

The now‑patched flaw allowed authenticated users to execute arbitrary code via crafted git push requests, affecting ...
Blockonomi

ZetaChain’s $334K Gateway Exploit: How a Chained Vulnerability Drained Team Wallets Across 4 Chains

ZetaChain lost $334K in a targeted GatewayEVM exploit on April 26. No user funds were affected. A patch is now being deployed ...
TechCrunch

Anthropic hands Claude Code more control, but keeps it on a leash

For developers using AI, “vibe coding” right now comes down to babysitting every action or risking letting the model run unchecked. Anthropic says its latest update to Claude aims to eliminate that ...
Network World

Telnet vulnerability opens door to remote code execution as root

A critical Telnet vulnerability with a CVSS rating of 9.8 enables attackers to take full control of affected systems before authentication even kicks in, security researchers at Dream Security have ...
HHS

Malicious Repo Files Could Hijack Claude Code Sessions

Multiple vulnerabilities in Anthropic's Claude Code could enable attackers to run harmful commands and steal API keys by hiding malicious files in a code repository, Check Point researchers found.
InfoWorld

Flaws in four popular VS Code extensions left 128 million installs open to attack

Critical and high-severity vulnerabilities were found in four widely used Visual Studio Code extensions with a combined 128 million downloads, exposing developers to file theft, remote code execution, ...
Forbes

Mozilla Issues Firefox System Takeover Security Update

This voice experience is generated by AI. Learn more. This voice experience is generated by AI. Learn more. Update Firefox and Thunderbird now. Mozilla has confirmed a security issue affecting all ...
ExtremeTech

Microsoft Fixes Windows 11 Bug That Let Attackers Run Remote Code in Notepad

Share on Facebook (opens in a new window) Share on X (opens in a new window) Share on Reddit (opens in a new window) Share on Hacker News (opens in a new window) Share on Flipboard (opens in a new ...
PC World

Windows Notepad is now complex enough to have a serious security flaw

PCWorld reports that Windows Notepad’s new Markdown support feature has introduced a serious remote code execution vulnerability with a high CVSS score of 8.8/7.7. The security flaw allows malicious ...
TechSpot

Unwanted AI upgrade to Windows Notepad created a serious security flaw

The big picture: Microsoft released its latest Patch Tuesday update this week with 59 hotfixes across Windows, Microsoft Office, Azure, and core system components. The update includes patches for six ...
TechRepublic

arbitrary code execution

Apple urges users to update after patching CVE-2026-20700, a zero-day flaw exploited in sophisticated targeted attacks across multiple devices. Google released a Chrome security update fixing two high ...