200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
The Manufacturer

The AI-powered R&D department: how agentic AI is supercharging engineering velocity

Industrial R&D teams sit on a goldmine of testing and operational data. But until now, unlocking that data required costly, ...

Open source package with 1 million monthly downloads stole user credentials

Open source software with more than 1 million monthly downloads was compromised after a threat actor exploited a ...

Why OpenAI's 'goblin' problem matters — and how you can release the goblins on your own

If OpenAI can accidentally train its flagship model to obsess over goblins, what other more subtle and potentially harmful ...
BusinessMirror

COA files 4 Fraud Audit Reports worth over P275 million for Bulacan flood control projects

Flags ghost projects, unauthorized relocations, and questionable accomplishments. THE Commission on Audit (COA) has filed four Fraud Audit Reports (FARs) before the Office of the Ombudsman involving ...
BusinessMirror

COA uncovers more fraud in Bulacan flood control projects, files new reports with ICI

The Commission on Audit (COA) has submitted four additional Fraud Audit Reports to the Independent Commission for Infrastructure (ICI), exposing further irregularities in flood control projects ...
Hackaday

This Week In Security: State Malware, State Hardware Bans, And Stuxnet Before Stuxnet Was Cool

Making headlines everywhere is the CopyFail Linux kernel vulnerability, which allows local privilege escalation (LPE) from any user to root privileges on most kernels and distributions. Local ...
Computerworld

Industry

Meta to track employee keystrokes, screen activity to train AI agents The data, gathered through a new internal tool, will be used to improve AI agents’ ability to navigate software and complete ...