Tech Times

Homebrew 6.0.0 Adds Tap Trust to Block Rogue Ruby Installs, Starts Intel Countdown

Homebrew 6.0.0 shipped June 11 with tap trust, a mechanism that blocks arbitrary Ruby code from third-party taps until ...
Morning Overview on MSN

Hackers are exploiting a maximum-severity bug in a WordPress form plugin on thousands of sites, running their own code with no login required

Thousands of WordPress sites running the Kali Forms plugin are exposed to attackers who can execute arbitrary code on web ...
CSOonline

AI agent finds 18-year-old remote code execution flaw in Nginx

An LLM-powered system found 4 security bugs, including a critical one in the web server’s URL rewrite module. Researchers have found a critical vulnerability in the widely used Nginx web server that ...
PC World

Microsoft’s May updates patch 120 security flaws in Windows and Office

Microsoft released its May Patch Tuesday update addressing 120 security vulnerabilities across Windows and Office, with 30 classified as critical including dangerous remote code execution flaws.
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

AI agents have fundamentally changed the threat model of AI model-based applications. By equipping these models with plugins (also called tools), your agents no longer just generate text; they now ...
thecyberexpress

Cisco Patches Critical ISE Vulnerabilities Allowing Remote Code Execution Attacks

Cisco has released security updates to fix multiple vulnerabilities in its Identity Services Engine and Webex Services, warning that successful exploitation could lead to remote code execution, ...
Microsoft

Cookie-controlled PHP webshells: A stealthy tradecraft in Linux hosting environments

Threat actors are increasingly abusing HTTP cookies as a control channel for PHP-based webshells on Linux servers. Instead of exposing command execution through URL parameters or request bodies, these ...
VentureBeat

Meta's new structured prompting technique makes LLMs significantly better at code review — boosting accuracy to 93% in some cases

Deploying AI agents for repository-scale tasks like bug detection, patch verification, and code review requires overcoming significant technical hurdles. One major bottleneck: the need to set up ...
TechRepublic

Chrome Vulnerabilities Allow Code Execution, Browser Crashes

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites. Google has released a Chrome security update addressing two ...
TechRadar

Trend Micro releases critical security fixes for Apex Central RCE - so patch now

CVE-2025-69258 in Trend Micro Apex Central allowed unauthenticated DLL injection and remote code execution Critical Patch Build 7190 fixes this flaw plus CVE-2025-69259 and CVE-2025-69260 Trend Micro ...
cybernews

Got an AI agent on your computer? Assume a breach, security researcher warns

Instead of writing malware, hackers are already hijacking systems with words. When a computer has Claude Code, GitHub Copilot, Google Jules, or other similar systems, it instantly becomes vulnerable ...