The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Google Chrome is warning developers that WebMCP tools can be used to manipulate and hijack AI agents. New guidance outlines ...
CSO Online

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in protobuf.js, including a flaw that can turn attacker-controlled schema data ...