Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture that could pave the way for remote code execution and have a cascading ...

Microsoft assigned CVE-2026-21520, a CVSS 7.5 indirect prompt injection vulnerability, to Copilot Studio. Capsule Security discovered the flaw, coordinated disclosure with Microsoft, and the patch was ...

Abstract: The Internet of Things (IoT) devices have brought invaluable convenience to our daily lives. However, they also introduce significant security challenges. Common vulnerabilities in numerous ...

A critical vulnerability in OpenAI Group PBC’s Codex coding agent could have exposed sensitive GitHub authentication tokens through a command injection flaw, according to a new report out today from ...

The command line is hot again. For some people, command lines were never not hot, of course, but it’s becoming more common now in the age of AI. Google launched a Gemini command-line tool last year, ...

Microsoft has introduced a new way to install or update apps on your Windows computer. Often, updating or downloading apps from the Microsoft Store can cause a crash. Now, in such a case, users can ...

Researchers have detected attacks that compromised Bomgar appliances, many of which have reached end of life, creating problems for enterprises seeking to patch. Researchers warn that a critical ...

PCWorld reports that Microsoft has introduced a command-line interface for the Microsoft Store, offering a text-based alternative to the traditional graphical interface. The CLI enables users to ...

Microsoft patched a high-severity command injection vulnerability in Windows Notepad through its February 2026 Patch Tuesday updates that allows attackers to execute malicious code remotely via ...

Microsoft is releasing Windows App Development CLI (winapp) in public preview today. The open-source utility is aimed at Windows app developers, to make it easier to work across multiple frameworks ...