The Hacker News

Claude Code Flaws Allow Remote Code Execution and API Key Exfiltration

Claude Code flaws allow remote code execution and API key theft via untrusted repositories; three bugs fixed across 2025–2026 releases.
SecurityWeek

Vulnerability in MS-Agent AI Framework Can Allow Full System Compromise

A ModelScope MS-Agent vulnerability allows attackers to feed malicious commands to AI agents and modify system files or steal ...
TechJuice

Researchers Claim Malicious Repositories Turn Claude Code Into an Ideal Hacker’s Tool

Security researchers disclose critical vulnerabilities in Anthropic’s Claude Code that allow remote code execution and credential theft.

Avira antivirus allows code smuggling

Three high-risk security vulnerabilities in Avira antimalware software allow attackers to execute code with system privileges, among other things.
SDxCentral

VU#148244: PandasAI interactive prompt function can be exploited to run arbitrary Python ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...
American Hospital Association

H-ISAC TLP White Vulnerability Bulletin Remote Code Execution Vulnerability in Juniper ...

Juniper Networks recently published an advisory regarding a critical vulnerability, CVE-2026-21902, affecting Junos OS Evolved on PTX Series routers. This flaw allows an unauthenticated, network-based ...
IT-Online

Critical Claude code flaws exposed

Check Point Research’s recent identification of critical vulnerabilities in Anthropic’s Claude Code is a cause for concern, particularly for African organisations. This is the word from Hendrik de ...
CSO Online

New Serv-U bugs extend SolarWinds’ run of high-severity disclosures

Four newly disclosed critical CVEs could allow attackers to create privileged accounts and execute arbitrary code, and they reinforce SolarWinds’ status as a high-value target.