CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Headless 360: Salesforce's latest pitch to let AI do the dev work

The goal of Headless 360 is that everything on the Salesforce platform is now an API (application programming interface), MCP ...

The Most Ignored Practice In AI Coding: Test-Driven Development

What Cherny is describing, in engineering terms, is the operating principle behind test-driven development (TDD). TDD has ...
CSO Online

Seven IBM WebSphere Liberty flaws can be chained into full takeover

A pre‑authentication bug in SAML Web SSO, combined with weak access controls and cryptography, allows attackers to escalate privileges and achieve remote code execution.