SecurityWeek

Critical Marimo Flaw Exploited Hours After Public Disclosure

A threat actor started exploiting CVE-2026-39987, an unauthenticated RCE vulnerability in Marimo, nine hours after public ...
InfoQ

Stateful Continuation for AI Agents: Why Transport Layers Now Matter

Agent workflows make transport a first-order concern. Multi-turn, tool-heavy loops amplify overhead that is negligible in ...
The Hacker News

New Chaos Variant Targets Misconfigured Cloud Deployments, Adds SOCKS Proxy

Chaos malware targets misconfigured cloud deployments, detected by Darktrace in 2025, expanding botnet monetization via proxy ...
Bleeping Computer

New RoadK1ll WebSocket implant used to pivot on breached networks

A newly identified malicious implant named RoadK1ll is enabling threat actors to quietly move from a compromised host to other systems on the network. The malware is a Node.js implant that ...