Hackers exploiting Acrobat Reader zero-day flaw since December

Attackers have been exploiting a zero-day vulnerability in Adobe Reader using maliciously crafted PDF documents since at ...
Dark Reading

Google Fixes Critical RCE Flaw in AI-Based 'Antigravity' Tool

The prompt-injection issue in the agentic AI product for filesystem operations was a sanitization issue that allowed for ...

Adobe issues emergency security patch — Reader and Acrobat users need to update now

An Adobe zero-day used since December 2025 is now patched ...
Bleeping Computer

Over 14,000 F5 BIG-IP APM instances still exposed to RCE attacks

Internet threat-monitoring non-profit Shadowserver has found over 14,000 BIG-IP APM instances exposed online amid ongoing attacks exploiting a critical-severity remote code execution (RCE) ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...
CSO Online

Claude uncovers a 13‑year‑old ActiveMQ RCE bug within minutes

The decade-old ActiveMQ flaw was uncovered and weaponized in minutes, showing AI’s exploit-building potential amid the Mythos ...