AI framework flaws put enterprise clouds at risk of takeover

Two "easy-to-exploit" vulnerabilities in the popular open-source AI framework Chainlit put major enterprises' cloud ...
The Hacker News

Chainlit AI Framework Flaws Enable Data Theft via File Read and SSRF Bugs

High-severity flaws in the Chainlit AI framework could allow attackers to steal files, leak API keys & perform SSRF attacks; ...
The Hacker News

Three Flaws in Anthropic MCP Git Server Enable File Access and Code Execution

Three vulnerabilities in Anthropic’s MCP Git server allow prompt injection attacks that can read or delete files and, in some ...
WinBuzzer

Microsoft January 2026 Patch Tuesday Fixes Actively Exploited DWM Zero-day Alongside 111 ...

Microsoft has patched 112 vulnerabilities in January 2026, including CVE-2026-20805, a Desktop Window Manager zero-day that ...
Cybernews

KongTuke’s CrashFix campaign uses fake Chrome adblocker to deploy ModeloRAT

A worker searching for an adblocker ended up installing malware instead after threat actor KongTuke pushed a fake Chrome ...

Rihanna Doubles Down on the Most Polarizing Animal Print

Letting go of her penchant for python for the evening, Rihanna swathed herself in tiger stripes for a night out in New York.

A taxi driver in Paris scammed me out of £2,503. Why won't my bank refund me? SALLY SORTS IT

While in Paris in December, my friend and I took a taxi ride from Notre-Dame Cathedral to the Galeries Lafayette Paris ...