Your developers are already running AI locally: Why on-device inference is the CISO’s new blind spot

Shadow AI 2.0 isn’t a hypothetical future, it’s a predictable consequence of fast hardware, easy distribution, and developer ...
InfoWorld

Critical flaw in Marimo Python notebook exploited within 10 hours of disclosure

The CVSS‑9.3 vulnerability allows unauthenticated remote code execution on exposed Marimo servers and was exploited in the wild shortly after disclosure, Sysdig says.

8 Best Open Source Roblox Executors For Windows/Android/iOS

Roblox has exploded in popularity over the past few years, attracting millions of players and developers worldwide. With this ...
The Hacker News

ThreatsDay Bulletin: Hybrid P2P Botnet, 13-Year-Old Apache RCE and 18 More Stories

PM This week in cybersecurity: botnets, RCE flaws, AI-driven attacks, stealers, and more. Fast, no-fluff roundup.

Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...