The Hacker News

Researchers Discover Critical GitHub CVE-2026-3854 RCE Flaw Exploitable via Single Git Push

CVE-2026-3854 (CVSS 8.7) enabled GitHub RCE via git push, risking cross-tenant access to millions of repositories.
The Hacker News

Critical Apache HTTP/2 Flaw (CVE-2026-23918) Enables DoS and Potential RCE

The Apache Software Foundation (ASF) has released security updates to address several security vulnerabilities in the HTTP ...

The Missing Layer In AI-Driven Engineering: Reliable Execution

That gap is becoming increasingly visible in the latest wave of AI-driven code review tools. Multi-agent systems can now scan ...
SecurityWeek

Gemini CLI Vulnerability Could Have Led to Code Execution, Supply Chain Attack

Attackers could inject prompts into a GitHub issue and take over the AI agent designed to automatically triage the issue.