The Hacker News

Google Fixes CVSS 10 Gemini CLI CI RCE and Cursor Flaws Enable Code Execution

Gemini CLI CVSS 10.0 flaw in versions below 0.39.1 enabled RCE in CI workflows, forcing Google to mandate explicit workspace ...

Critical vulnerability in Ruby's standard library ERB:attackers can execute code

The Ruby vulnerability is not easy to exploit, but allows an attacker to read sensitive data, start code, and install ...
SecurityWeek

Critical GitHub Vulnerability Exposed Millions of Repositories

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.
Decrypt

Google Fixes AI Coding Tool Flaw That Let Attackers Execute Malicious Code: Report

Researchers say a prompt injection bug in Google's Antigravity AI coding tool could have let attackers run commands, despite ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...