Vulnerability
AI
Technology
Google Patches CVSS 10.0 Flaw in Gemini CLI That Turned AI Developer Tool Into RCE Vector
A critical vulnerability in Google's AI command-line interface allowed attackers to execute arbitrary code through compromised GitHub Actions workflows, exposing systemic security gaps as enterprises rush AI tooling into production pipelines.
Breaking
Technology
Microsoft’s Incomplete Patch Leaves Zero-Click Windows Flaw Active in Russian Attack Campaigns
A critical vulnerability Microsoft patched in February 2026 left behind a credential theft vector now actively exploited by Russian threat actors, forcing emergency re-patching across federal agencies.