The speedrunning community has achieved a major technical breakthrough in the original Super Mario Bros., enabling Arbitrary Code Execution (ACE) for the first time. The exploit, discovered through a ...

Thirteen critical vulnerabilities have been found in the vm2 JavaScript sandbox package that could allow an attacker’s code to escape the container and do nasty things to IT environments. As a result, ...

The U.S. Cybersecurity & Infrastructure Security Agency (CISA) is warning of hackers exploiting an arbitrary code execution flaw in the Git distributed version control system. The agency has added the ...

Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers. Rsync is ...

PandasAI, an open source project by SinaptikAI, has been found vulnerable to Prompt Injection attacks. An attacker with access to the chat prompt can craft malicious input that is interpreted as code, ...

Google released a Chrome security update fixing two high-severity flaws that could enable code execution or crashes via malicious websites. Google has released a Chrome security update addressing two ...

Developers using the latest versions of AI coding tools like Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI could inadvertently execute malicious code on their systems with a single keypress, or ...

A flaw in Cursor’s AI agent lets malicious repositories trigger arbitrary code execution through routine Git operations, now patched in version 2.5. Security researchers have disclosed a high-severity ...

Critical flaws affecting core components and extensions in PostgreSQL and MariaDB could allow remote code execution. The bugs, some over 20 years old, have now been patched. Open-source databases are ...