Bleeping Computer

Microsoft patches Exchange Server zero-day exploited in attacks

Microsoft has patched an actively exploited Exchange Server vulnerability that allows threat actors to execute arbitrary JavaScript code in cross-site scripting (XSS) attacks targeting Outlook Web ...
The Hacker News

One-Character Linux Kernel Flaw Enables Local Root Access, Exploits Now Public

Security researchers have published a detailed, working exploit for a Linux kernel use-after-free that lets an unprivileged local user escalate to root and break out of a container. The flaw came down ...
GitHub

Model Context Protocol servers

This repository is a collection of reference implementations for the Model Context Protocol (MCP), as well as references to community-built servers and additional resources. Important If you are ...
decrypt

Perplexity Wants Your Laptop to Do Part of the AI Work—So It Doesn't Have To

Perplexity announced "hybrid agentic inference" at Computex 2026, a system that automatically splits AI workloads between a user's local device and cloud-based frontier models—no manual configuration ...
BBC

Instagram AI chatbot tricked by hackers to give access to others' accounts

Instagram says it has resolved an issue which saw hackers trick its AI support tool into giving them access to other users' accounts. According to claims shown in screenshots and videos shared on ...
Bleeping Computer

WP Maps Pro bug exploited to create admin accounts on WordPress sites

Hackers are targeting WordPress websites running a vulnerable version of the WP Maps Pro plugin, which allows creating rogue administrator accounts without authentication. The vulnerability, tracked ...