CSO Online

Claude Code has an MCP security problem — and your developers are already using it

The Mitiga disclosure is the most recent, but it is not the first time Claude Code’s configuration model has created a ...
CSO Online

Flowise’s MCP implementation can run ghost commands

A 9.9-severity vulnerability in Flowise’s MCP stdio implementation can allow attackers to achieve remote code execution in ...
InfoWorld

The role of MCP in context engineering

Developers are discovering that Model Context Protocol shines at providing AI coding agents with highly relevant software engineering context, on demand, at run time.

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard

Perplexity launches Bumblebee: How its new read-only dev scanner differs from Chainguard ...
How-To Geek on MSN

Claude's no-code canvas replaces hours of Python debugging in minutes

I ditched my terminal for Claude's built-in code executor, and I'm not going back.
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

Running Claude Code or Claude in Chrome? Here's the audit matrix for every blind spot your security stack misses

Four research teams found the same confused deputy failure in Claude across three surfaces in 48 hours. This audit matrix maps every blind spot and fix.
Dark Reading

With Complex Cloud Integrations, Small Errors Lead to Major Compromises

Cybersecurity researchers create a five-step exploit chain using over-permissioned roles, secrets discovery, and NHIs to attack a popular low-code service.

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...