The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
Dark Reading

'TrustFall' Convention Exposes Claude Code Execution Risk

Malicious repositories can trigger code execution in Claude Code, Cursor CLI, Gemini CLI, and CoPilot CLI with minimal or no ...
SecurityWeek

Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.
The Hacker News

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP ...
CSOonline

Atlassian patches critical remote code execution vulnerabilities in multiple products

The company also releases advisories for high-severity data leaks and denial-of-service issues across multiple products, including Jira and Confluence. Atlassian has released urgent patches for ...
Wired

Here Are the Google and Microsoft Security Updates You Need Right Now

Microsoft’s February Patch Tuesday saw the software giant issue 73 patches, including two fixes for flaws already being used in attacks. The first is CVE-2024-21412, an Internet Shortcut Files ...

The Missing Layer In AI-Driven Engineering: Reliable Execution

That gap is becoming increasingly visible in the latest wave of AI-driven code review tools. Multi-agent systems can now scan ...