The Hacker News

Six Proto6 Vulnerabilities in protobuf.js Expose Node.js Apps to RCE and DoS

Six Proto6 flaws in protobuf.js enable RCE and DoS attacks; patched in versions 7.5.6 and 8.0.2 to protect Node.js services.
InfoWorld

Protocol Buffers schemas expose remote code execution risk

Researchers at Cyera found six vulnerabilities in prtobuf.js, including a flaw that can turn attacker-controlled schema data ...

WebMCP Can Be Used To Hijack AI Agents, Chrome Warns

Chrome's WebMCP guidance warns that AI agents can be manipulated through the tools they are built to trust.
Nielsen

Ungrounded LLM Fabricates Every Detail for Nearly 1 in 5 Movie and TV Titles Tested, New Gracenote Report Finds

Gracenote, the content intelligence business unit of Nielsen, today released its latest report, “Plot holes in AI: Why ...