Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Anthropic has fixed three bugs in its official Git MCP server that researchers say can be chained with other MCP tools to ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete ...

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code ...

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...

This WebUI vulnerability allows remote code execution - here's how to stay safe

Open WebUI carried CVE-2025-64496, a high-severity code injection flaw in Direct Connection features Exploitation could enable account takeover and RCE via malicious model URLs and Functions API ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...
SecurityWeek

Several Code Execution Flaws Patched in Veeam Backup & Replication

CISA’s Known Exploited Vulnerabilities (KEV) catalog includes four weaknesses found in the product in recent years, including ...
Nature

Secure Software Execution and Code Reuse Attacks

Secure software execution has become a critical concern as modern computing systems, ranging from embedded devices to enterprise platforms, face increasingly sophisticated adversaries. Recent studies ...
The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
CSO Online

Holes in Veeam Backup suite allow remote code execution, creation of malicious backup ...

The vendor has issued a patch to close four holes in its flagship Backup & Replication suite; version 13 users are advised to ...