Dark Reading

Cursor Issue Paves Way for Credential-Stealing Attacks

Researchers discovered a security weakness in the AI-powered coding tool that allows malicious MCP server to hijack Cursor's internal browser.
The Hacker News

Researchers Find Serious AI Bugs Exposing Meta, Nvidia, and Microsoft Inference Frameworks

Cybersecurity researchers have uncovered critical remote code execution vulnerabilities impacting major artificial ...
CSO Online

Rogue MCP servers can take over Cursor’s built-in browser

A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser ...

Microsoft November 2025 Patch Tuesday fixes 1 zero-day, 63 flaws

Today is Microsoft' 2025 Patch Tuesday, which includes security updates for 63 flaws, including one actively exploited ...
InfoWorld

Malicious npm package sneaks into GitHub Actions builds

The typosquatted “@acitons/artifact” package targeted GitHub’s CI/CD workflows, stealing tokens and publishing malicious ...
The Hacker News

⚡ Weekly Recap: Fortinet Exploited, China's AI Hacks, PhaaS Empire Falls & More

Fortinet CVE exploited, China-linked AI attacks exposed, PhaaS platform dismantled, and fake crypto apps deploy RATs. Catch ...
InfoWorld

Red Hat Linux bolsters AI assistance

RHEL command-line assistant expands context limit for more effective AI-powered Linux management and troubleshooting, while offline version becomes available in developer preview.