The Hacker News

Google Patches Antigravity IDE Flaw Enabling Prompt Injection Code Execution

Antigravity Strict Mode bypass disclosed Jan 7, 2026, patched Feb 28, enables arbitrary code execution via fd -X flag.
SecurityWeek

EnOcean SmartServer Flaws Expose Buildings to Remote Hacking

Vulnerabilities in EnOcean’s SmartServer IoT platform can be exploited to remotely hack building management systems.
WeLiveSecurity

Analysis of two arbitrary code execution vulnerabilities affecting WPS Office

ESET researchers discovered a code execution vulnerability in WPS Office for Windows (CVE⁠-⁠2024⁠-⁠7262), as it was being exploited by APT-C-60, a South Korea-aligned cyberespionage group. Upon ...
Hosted on MSN

Super Mario Bros. glitch unlocks arbitrary code execution after 40 years

The speedrunning community has achieved a major technical breakthrough in the original Super Mario Bros., enabling Arbitrary Code Execution (ACE) for the first time. The exploit, discovered through a ...
SecurityWeek

Critical GitHub Vulnerability Exposed Millions of Repositories

Wiz discovered a critical remote code execution vulnerability in GitHub that exposed millions of repositories.
Bleeping Computer

GIGABYTE Control Center vulnerable to arbitrary file write flaw

The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. The hardware maker says that ...
SiliconANGLE

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...