Critical Marimo pre-auth RCE flaw now under active exploitation

A critical pre-authentication remote code execution (RCE) vulnerability in Marimo is now under active exploitation, leveraged ...
Android Authority

Google's killing QR code sign-ins for Messages on the web

The Google Messages web app won’t allow users to pair using QR codes for much longer, according to a new warning. Users will instead have to sign in using their Google account credentials. We don’t ...
GitHub

browser-use-mcp-server

An MCP server that enables AI agents to control web browsers using browser-use. 🌐 Want to Vibe Browse the Web? Open-source AI-powered web browser - Vibe Browser.
The Hacker News

GlassWorm Attack Uses Stolen GitHub Tokens to Force-Push Malware Into Python Repos

The GlassWorm malware campaign is being used to fuel an ongoing attack that leverages the stolen GitHub tokens to inject malware into hundreds of Python repositories. "The attack targets Python ...