The Hacker News

SGLang CVE-2026-5760 (CVSS 9.8) Enables RCE via Malicious GGUF Model Files

CVE-2026-5760 (CVSS 9.8) exposes SGLang via /v1/rerank endpoint, enabling RCE through malicious GGUF models, risking server ...
The Hacker News

Self-Propagating Supply Chain Worm Hijacks npm Packages to Steal Developer Tokens

Self-propagating npm worm steals tokens via postinstall hooks, impacting six packages and expanding supply chain attacks.

Hackers used AI to steal hundreds of millions of Mexican government and private citizen records in one of the largest cybersecurity breaches ever

A group of hackers used both Claude Code and ChatGPT in a cybersecurity hack that lasted two and a half months.

Fake Windows update installs hidden malware

Scammers built a convincing fake Windows update site that installs password-stealing malware. Learn how the multi-stage ...
eWeek

Canva AI 2.0 Aims to Replace Multi-Tool Workflows with One Prompt

Canva AI assistant now builds designs from prompts, using multiple tools and integrations to automate workflows.
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
InfoWorld

Best practices for building agentic systems

Which technologies, designs, standards, development approaches, and security practices are gaining momentum in multi-agent ...
eWeek

Anthropic Debuts ‘Repeatable Routines’ in Major Claude Code Automation Update

Anthropic introduces “repeatable routines” in Claude Code, bringing AI-powered automation and a redesigned workspace to ...

OpenAI’s Agents SDK 2026 Update: What’s New in Building AI Agents

AI assistant have become a thing of the past. What's now is far more autonomous and OpenAI is making it a lot easier to build ...
Le Lézard

Snowflake Expands Snowflake Intelligence and Cortex Code to Power the Control Plane for the Agentic Enterprise

Snowflake , the AI Data Cloud company, today announced significant updates across Snowflake Intelligence and Cortex Code, advancing its vision to become the control plane for the agentic enterprise.

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
The Chronicle-JournalOpinion

Street-level concerns abound. Potholes are everywhere while police get nearly four times the City’s budget target to put more boots on the beat

Potholes on city streets seem worse than anyone can remember. Roadwork makes up more than 20 per cent of the 2026 capital ...