Max-severity flaw in ChromaDB for AI apps allows server hijacking

A max-severity vulnerability in the latest Python FastAPI version of the ChromaDB project allows unauthenticated attackers to ...
Microsoft

When prompts become shells: RCE vulnerabilities in AI agent frameworks

New research exposes how prompt injection in AI agent frameworks can lead to remote code execution. Learn how these ...
SecurityWeek

Over 320 NPM Packages Hit by Fresh Mini Shai-Hulud Supply Chain Attack

A fresh Mini Shai-Hulud supply chain attack has hit over 320 NPM packages, along with GitHub Actions and a VS Code extension, ...
InfoWorld

The best new features in Python 3.15

Highlights of Python 3.15, now available in beta, include lazy imports, faster JITs, better error messages, and smarter ...

JDownloader site hacked to replace installers with Python RAT malware

The website for the popular JDownloader download manager was compromised earlier this week to distribute malicious Windows ...
Computer Weekly

BlueRock open sources MCP Python Hooks

As adoption of MCP servers accelerates into the tens of thousands, developers and platform teams are increasingly responsible ...

Protect your enterprise now from the Shai-Hulud worm and npm vulnerability in 6 actionable steps

TanStack had 2FA, OIDC publishing, and Sigstore provenance on every release. The Mini Shai-Hulud worm published 84 malicious ...
News-Medical.Net

Why AI tools need clearer guardrails in high-stakes health research

AI-enabled research tools can accelerate health research, but their data-science roots may clash with epidemiological ...
TMCnet

BlueRock Open Sources MCP Python Hooks for Real-Time MCP Server Visibility

SAN MATEO, Calif., May 6, 2026 /PRNewswire/ -- BlueRock today announced the open source release of BlueRock MCP Python Hooks, a lightweight runtime observability tool for Python. It captures MCP ...
Windows Report

Microsoft Adds Grok 4.3 to Foundry for Enterprise AI Workflows

Microsoft adds Grok 4.3 to Foundry with a 200K context window, native productivity tools, and Azure safety protections.
The Hacker News

Ollama Out-of-Bounds Read Vulnerability Allows Remote Process Memory Leak

Critical out-of-bounds read in Ollama before 0.17.1 leaks process memory including API keys from over 300000 servers via ...
TMCnet

CoreWeave Sandboxes Launches to Accelerate Reinforcement Learning, Agent Tool Use, and Model Evaluation

The Essential Cloud for AI™, today announced CoreWeave Sandboxes, an execution layer that gives AI researchers and platform teams secure, isolate ...