The Hacker News

CERT/CC Warns binary-parser Bug Allows Node.js Privilege-Level Code Execution

A flaw in the binary-parser npm package before version 2.3.0 lets attackers execute arbitrary JavaScript via unsanitized ...
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.